General Dynamics Land Systems had the challenging task of handling their Command Cyber Readiness Inspection (CCRI) and DSS Security Vulnerability Assessment (SVA) inspections during back-to-back weeks. SecureStrux provided preparation assistance for both the CCRI and DSS SVA and the success of this partnership resulted in an “Excellent” CCRI score and a “Superior” SVA score.
With limited understanding of what a CCRI was all about and the recent departure of their primary System Administrator, GDLS was short-staffed and needed CCRI engineering and subject matter expert assistance. To add to their dilemma, GDLS went through a Computer Network Defense Service Provider (CNDSP) migration and did not yet have access to their CNDSP’s Assured Compliance Assessment Solution (ACAS), Vulnerability Scanning or Host Based Security System (HBSS) endpoint enterprise monitoring tools. On top of these complications and with only a few weeks before their inspection, GDLS went through a major network refresh to replace their hardware.
This was the first CCRI for GDLS since receiving their connection and they had every reason to be concerned about their need for assistance in preparing for these two very difficult and highly visible inspections. Because of SecureStrux’s reputation and high success rate in helping their Clients secure their assets and achieve outstanding CCRI scores, GDLS made the easy decision of turning to SecureStrux for CCRI support.
A CCRI is a DoD-wide program that is required by both the SIPRNet Connection Approval Process (CAP) and NIPRNet CAP to validate the site’s current network configuration, status of the site’s Authority to Connect (ATC), and the security readiness of the site under direction of the USCYBERCOM.
With only a few months before their CCRI, a short-staffed GDLS team partnered with SecureStrux to replace and STIG all new network hardware, gain access to the CNDSP’s ACAS and HBSS tools, confirm OPORD compliance, configure STIG compliance for all technologies in the enclave, and verify all DoD Collateral information systems security settings against the DSS baseline.
“It took tremendous teamwork and management support in order to accomplish such outstanding results in such a short duration,” noted Michelle Maitland, a Senior Cybersecurity Analyst, who helped GDLS prepare for both inspections. “Without the dedication and cohesion of GDLS’s security team and continuous management support to bring such a team together, the outcome would not have been such a huge success.”
SecureStrux, LLC is a woman-owned, small cybersecurity consulting firm which focuses on providing specialized services in the areas of compliance, vulnerability management, cybersecurity strategies and engineering solutions. SecureStrux offers a comprehensive range of services that provides clients with proven methods and common-sense approaches to secure their data, build trust with their Clients, and remain compliant with DoD, Federal, and Industry standards.