Command Cyber Readiness Inspection Support
Scheduled and No-Notice Phase IV Command Cyber Readiness Inspections (CCRIs) are here. Along with it, several new requirements that are now included into the grade. These enhancements are meant to help strengthen the Department of Defense Information Network (DoDIN) and combat the ever- changing emerging threat landscape. These new requirements not only increase the burden of accountability for vulnerabilities found within inspected enclaves, but also include a quantitative risk assessment for improved decision making and situational awareness.
With ongoing Phase IV enhancements, there are again grading weight adjustments, new TASKORDs and OPORDs, and additional technologies that have been included into inspection. These enhancements are meant to place greater emphasis on Internet facing technologies as well as to better detect, deter, and defend against the Insider Threat.
Whether you have been through a few CCRIs or are about to be inspected for the first time, the process of preparing is intense and full of complex security nuances that, if not properly implemented, have the potential to significantly reduce a CCRI grade or worse, lead to a CCRI failure. It only takes a misconfigured Vulnerability Scanner, a missing Endpoint Security Product or a few errors in an ACL to make or break a respectable CCRI grade.
This is where a SecureStrux CCRI Site Assist Visit (SAV) fits into your overall inspection preparation. Because our consultants have been actively involved in the evolution and maturing of the CCRI program since its inception in 2009, we know how to best consult and advise Commanders, Facility Security Officers (FSOs), Information System Security Managers (ISSMs), Security Analysts, and System Engineers on how to efficiently prepare and successfully pass their CCRI.
Our seasoned CCRI consultants are DISA Cyber Readiness Reviewer qualified, IA 8570.01-M certified, and have over 50 years of accumulated experience in conducting CCRIs and reviewing CCRI technologies and processes. SecureStrux has cleared personnel that are able to travel both CONUS and OCONUS. Combined, we have completed hundreds of CCRI reviews both within the US and around the world. We have valuable insights into what it takes to bring both small and command-level, enterprise networks into passing compliance. Our certified Team Leads and Reviewers understand the CCRI process, the grading methodology, the applicable STIGs, the intent of the CND Directives, individual FRAGOs, and the tools used during the inspection. We have proven success in advising, focusing, and assisting sites to become not only CCRI inspection ready, but secure and sustainably compliant.
We welcome the opportunity in becoming your trusted CCRI 365 Ready Partner in preparing for your inspection as well as completing an After-Action Plan (AAP). We will help train your personnel, prepare your environment, and develop a customized Path to CCRI Success. If you are preparing and need assistance with an upcoming CCRI, contact us today and find out how you can benefit from our CCRI experience and SAV services.
SecureStrux CCRI 365 Ready Services
- Phase IV Grading | CND Directives Guidance
- Vulnerability Management | CCRI Tool Configuration
- McAfee ePO Engineering | Endpoint Deployment
- ACAS Security Center | Nessus Engineering
- Network Perimeter | Infrastructure Hardening
- Program Managed (PM) System Evaluations
- Wireless Discovery
- Wireless Controller | Endpoint Assessments
- Blackberry | Mobility Configuration Services
- Active Directory | Exchange Compliance
- UNIX | RHEL Security Compliance
- Domain Naming System (DNS) Security Services
- Database | Web Security Compliance
- Cross-Domain Solutions (CDS) Consulting
- REL Implementations | Architecture Reviews
- MS Workstation Hardening (New Requirement)
Deter | Detect | Defend | Sustain
With SecureStrux, You Can Be Confident That You Are CCRI 365 Ready