Case Study

Innovating for Security Operations

Delivering optimized cybersecurity threat assessment, risk mitigation, governance, and cross-collaboration initiatives.

Challenge

A Federal Law Enforcement client was looking for a trusted partner to lead their cybersecurity governance and threat assessment initiatives to include their vulnerability assessment program and incident response program within their Security Operations Center (SOC).

 

Solution

Guidehouse experts established an enterprise vulnerability assessment program team, which provided enterprise vulnerability scanning across all system enclaves and classification levels to increase the visibility of endpoint security within the IT ecosystem.

Guidehouse provided program and operations support for Security Assessment and Authorization (SA&A) initiatives including information security continuous monitoring (ISCM) activities, and deployment and maintenance of the IT Governance Risk and Compliance (GRC) application. Experts optimized existing tool sets to support investigations, threat and vulnerability assessments, and the coordination of f action with SOC stakeholders to execute defensive measures.

Guidehouse implemented ISCM at the Information System level utilizing methods from the NIST Cyber Security Framework and established a repeatable and sustainable approach to SA&A that aligns with NIST SP 800-37 Rev 1, Risk Management Framework.

Supported advanced analytics by developing dashboards and dynamic reporting through the newly implemented vulnerability management solution, and GRC tool including charts, dashboards, and customized reports utilizing to make risk-based decisions.

Leveraged data to redefine the information systems standards and security controls.

 

Impact

Our client is making drastic improvements to its cybersecurity governance and threat assessment initiatives:

  1. Optimized existing tool sets, provided recommendations to improve process, and matured the incident response program
  2. Improved program threat and vulnerability detection and understanding of risk, and define categorization for proactive monitoring and management
  3. Delivered dashboards to drive informed and risk base decisions and measure overall security posture
  4. Developed rules of engagement to drive better practices and mitigation techniques

 


Let Us Guide You

Guidehouse is a global consultancy providing advisory, digital, and managed services to the commercial and public sectors. Purpose-built to serve the national security, financial services, healthcare, energy, and infrastructure industries, the firm collaborates with leaders to outwit complexity and achieve transformational changes that meaningfully shape the future.

Stay ahead of the curve with news, insights and updates from Guidehouse about issues relevant to your organization and its work.