Cyber-Physical Defense Operations

Unique Expertise in Cyber-Physical Defense

The Booz Allen cyber-physical defense (CPD) team specializes in the security and defense of cyber-physical systems in critical infrastructure organizations and weapon/space platforms. Our team provides the skills and technical expertise that critical infrastructure and defense clients need to safeguard vital operations and missions and strengthen national and economic security. While there is no way to prevent every cyberattack, organizations can raise the cost for cyber adversaries and reduce the likelihood that attacks will be successful.

BOOZ ALLEN'S EXPERIENCE BY THE NUMBERS

  • 200+ experienced Operational Technology (OT) cybersecurity practitioners
  • 40+ Global Industrial Cyber Security Professional (GICSP) and GIAC Response and Industrial Defense (GRID) certification holders
  • 300+ OT cybersecurity assessments conducted
  • All 16 critical infrastructure sectors supported
  • Top 3 global auto manufacturers' OT cybersecurity programs supported

Our Cyber-Physical Defense Services

Enterprise-Wide Anomaly Detection and Analytics

Booz Allen’s tailored solutions enable enterprise-wide cyber threat detection analytics that are vendor and technology agnostic. In addition, we partner with industry-leading, reputable solutions providers to implement innovative security solutions for our clients. Booz Allen has implemented anomaly and threat detection solutions across the most challenging and unique operational technology networks, including large enterprise IT, OT/ICS enclaves, and fleet/weapon system maintenance networks. Our approach to threat detection is extensible enough to incorporate current-state environments.

Managed OT/Industrial Control System (ICS) Security Operations Centers (SOC)

Our OT/ICS SOC-as-a-Service (SOCaaS) offering consists of a team of trained cybersecurity practitioners focused on identifying and responding to active and emerging threats. Additionally, the SOC is a critical part of the overall cybersecurity strategy because it helps lower the adversarial dwell time and, if implemented correctly, reduces the potential for attacks to cause harm. Booz Allen is an industry leader for managed SOC services, recently recognized by Frost & Sullivan as market leader for the Global Managed Detection and Response market. For DOD clients, we tailor our SOC requirements to the More Situational Awareness for Industrial Control Systems (MOSAICS) framework where applicable.

Cyber Digital Twin Framework (CDTF)

Our technology platform uses advanced and secure software tools to provide a high-fidelity, all-in-one testbed for cyber-physical systems. The platform provides functionality to emulate hardware in a virtual environment, integrate the hardware for hardware-in-the-loop (HWIL) testing, rapidly network physical and simulated assets, record data flow at the software level for security analysis, and consume test plans and requirements.

Mission-Based Cyber Risk Assessment (MBCRA)

We help clients understand the critical mission components of weapon and space systems through the lens of cybersecurity. This enables programs to implement a cyber mitigation strategy that addresses system dependencies and hardens weapon or space system components. Through MBCRA and a system-of-systems approach, programs can ensure an effective defense-in-depth strategy and protect critical infrastructure and weapon and space systems by remediating high-risk vulnerabilities and implementing detection mechanisms and compensating controls to enable mission success. 

Cyber Test Labs and Ranges

We enable testing of software and hardware components to ensure that patching security vulnerabilities doesn’t break functionality or expand the attack surface. Additionally, this allows for production-level vulnerability assessments and red team exercises that don’t compromise production assets.

World-Class OT Cybersecurity Lab in Chantilly, Virginia

Production OT/ICS environments contain a variety of specialized equipment and software and often face strict engineering and change control processes. By mirroring these technologies in our labs, we're able to replicate real-world environments to:

  • Conduct tech scouting to test and validate new tools or products
  • Validate vulnerabilities
  • Demonstrate attacks
  • Test out security solutions—before we implement them
