Perspectives

Developing a Hyper-Adaptable Mission Systems Framework

data analysts working on mission systems framework

Securing the nation’s vital infrastructure

As the nation’s risk advisor, the Cybersecurity and Infrastructure Security Agency (CISA) is tasked with the mission of leading the national effort to understand, manage, and reduce risk to cyber and physical infrastructure. The stakes couldn’t be higher. The agency’s work encompasses everything from helping secure the U.S. supply chain during crisis, to protecting and facilitating communications during emergencies, to supporting free and fair elections at all levels of government.

Key to CISA’s mission is the ability to identify, analyze, prioritize, and mitigate both potential and actual cyber risks and attacks on the government and private networks. Here are some of the challenges they face.

An Attack Surface That Is Growing Exponentially

Many agencies have already begun to migrate data and applications to the cloud in pursuit of the flexibility and cost savings that such solutions provide. The COVID-19 pandemic has accelerated this evolution as unprecedented numbers of personnel have made the transition to remote work, creating a need to accommodate a wide variety of both bring-your-own and agency-provided mobile devices.

This shift, along with the growth in internet of things (IoT), operational technology (OT), and other non-IT devices, is drastically expanding the cyber-attack surface. Bad actors have been all too quick to take advantage of this situation. Recent supply chain attacks have exposed the vulnerabilities in the nation's software code infrastructure and highlighted a lack of supply chain visibility.

The increasing complexity, creativity, and persistence of attacks—and the ever-evolving nature of the cyber landscape itself—help drive the demand for advanced cyber capabilities to be delivered through an agile cybersecurity framework that brings disparate teams, people, technology, and tools together.

The Need for Visibility Across the Government Landscape

The National Cybersecurity Protection System (NCPS) is an integrated system-of-systems that delivers a range of capabilities, such as intrusion detection, analytics, information sharing, and intrusion prevention. NCPS also assists more than 100 federal civilian government agencies with guarding their networks and critical data. The large amount of sensor data including endpoint data being collected at the CISA and agency layers makes it increasingly difficult to correlate anomalous behaviors across agencies and maintain adequate visibility.

The move to the cloud where agencies are dealing with hybrid and multicloud deployments, the shift to remote work, and the expanding use of mobile devices have only increased the amount of data to be analyzed. Adoption of advanced cyber analytics helps accelerate the processing of this data to extract valuable insights to detect and mitigate threats.

A Need to Rapidly Deliver New Capabilities

Too often, existing cybersecurity tools either overload analysts with false positives or fail to detect legitimate threats. To get the most out of your operational investment, each tool must be properly architected, integrated, and tuned to ensure optimal effectiveness. And to match the tempo of today’s threats, agencies must be able to deliver new tools and capabilities quickly, securely, and efficiently, in a wide range of analytics environments.

Booz Allen Can Meet the Challenge

With the various challenges that federal agencies face today, leveraging an industry ally will help bring leading solutions and practices in the fight to protect national security. Frost & Sullivan, a leading market research and strategy firm, ranked Booz Allen as the largest single market share in Managed and Professional Security Services in North America.

We have deep experience delivering cyber capabilities across the national civil, defense, and intelligence communities, as well as in the commercial sector. We draw on this extensive background to create data architectures and platforms that provide visibility across the enterprise and that can be leveraged to develop insights and identify patterns and anomalies across agencies and systems.

We have also developed and matured a wide range of proven tools, capabilities, and techniques, as well as adaptable and repeatable processes to deploy and operationalize them.

We can help federal agencies meet the challenges they face in the following key areas:

Asset Discovery

Developing a complete inventory is the first step in hardening the ever-expanding attack surface. Whether your systems are on-premise, in the cloud, or hybrid, our approach begins by making sure you have a thorough and accurate accounting of all devices and bill of materials.

We then apply zero-trust principles, such as conditional access, to make the environment more secure and resilient. Our zero-trust assessment framework is being implemented across the Department of Defense (DOD) and civil agencies to determine an organization’s zero-trust maturity level.

Improving Enterprise Visibility

Our cyber analysts fused with data scientists have an unmatched understanding of the way threats and attackers operate. They apply advanced tools such as artificial intelligence (AI) and machine learning (ML), and harness the power of the cloud by leveraging on-demand high compute resources to normalize and enrich streaming data at scale, increasing the speed and accuracy of threat detection.

Delivering New Capabilities

To take full advantage of the benefits available in the cloud, we apply the latest software modernization delivery. We use the Scaled Agile Framework (SAFe®) to improve transparency and collaboration between stakeholders, and human-centered design to keep our design focused on our users.

We adhere to DevSecOps principles, where we design security requirements and leverage continuous integration and continuous delivery (CI/CD) and automated testing to enable continuous authority to operate. And to meet the speed and accuracy needed, we follow a software factory model, aligning work to cross-functional teams that can deliver the features from start to finish to deliver capabilities that are flexible and powerful enough to meet the ever-evolving demands of cybersecurity professionals.

A Track Record of Success: Accelerating Air Force Modernization with Platform One

When the Air Force set out to fundamentally reimagine its approach to software delivery, Booz Allen was proud to help make that vision a reality. Platform One is the federal government’s first DevSecOps enterprise-level service, providing accelerated software development and deployment that is open, vendor agnostic, scalable, and interoperable—with continuous, comprehensive security built in at the foundation.

In helping design and develop Platform One, Booz Allen relied on its extensive expertise and experience in software delivery, program management, cybersecurity, and operations. We have been integral in delivering and maturing all phases of Platform One capabilities and operations. Among the projects for which we have provided technical leadership are a repository of reusable approved and hardened containers that are “plug and play” ready. We’ve also developed a shared, multitenant environment that provides CI/CD, and enterprise tools and capabilities for development, testing, and production. These ready-made platforms and infrastructures allow developers to focus on what really matters—building high-value mission applications that can be fast-tracked to production.

Of course, in the defense space, agility must always be balanced with security. Beyond our support of the technical implementation of the program, Booz Allen is also the Information Systems Security Manager (ISSM), responsible for assessing risk across all products and services in partnership with the Platform One team. In this capacity, our cybersecurity experts and engineers are helping transform longstanding cyber practices and policies so that DOD can adapt to a true DevSecOps model.

Our work on Platform One demonstrates that innovation isn’t just about technology insertion. Truly successful strategies start with a deep understanding of the organization’s needs, the environment, and the maturity level of the current systems. This understanding can then be used to develop a roadmap toward an effective solution that incorporates the latest technology while also extracting full value from existing tools. Culture is a foundational piece of this strategy, including essential elements such as workforce development, education, training, and exposure to new ways of doing business with industry.

Platform One serves as a model for open architecture and software delivery services across DOD—demonstrating the benefits that can be gained through automation, managed DevSecOps services, and cultural transformation.

Investing for the Future

As the nation’s federal cyber leader, CISA must also keep one eye on the horizon to assess which future technologies warrant investigation today to best protect the nation in the future—the “Secure Tomorrow” aspect of the agency’s mission. Booz Allen is fully committed to proactive and ongoing investments to help our clients stay ahead of the technology curve.

Our tech scouting organization maintains an extensive network across venture capital firms in Silicon Valley, Boston, and other technology hubs, engaging with the early-stage ecosystem to stay knowledgeable about up-and-coming technologies and companies.
The Booz Allen Partner Network brings together the right organizations and includes programs for commercial partners, public sector organizations, small businesses, and tech startups.
We have made significant investments in creating facilities specifically focused on emerging technologies and addressing the complex needs and constraints of government agencies, 30 innovation labs across the country including our Dark Labs, AI Adoption Studio within The Helix, 5G Lab, Malware Lab, and Charleston Software Factory.
We invest heavily in training, tools, and resources to keep our employees up to date on the latest technologies.

We’ve made investments into new automation solutions and tool technologies, such as SnapAttack, District Defend, and Modzy.

A Proven Partner

With our unrivaled history of service as a long-term partner to government agencies, along with our proven capabilities in the latest cutting-edge technologies, Booz Allen is uniquely qualified to support CISA on its transformative journey. While there are any number of system integrators looking toward commercial technologies that can be adapted to the government space, we are fundamentally focused on government first.