NDTI Recognized for Excellence in Information Assurance
In May 2014, NDTI was recognized for their diligent, technical, and information assurance (IA) excellence in support of a week-long rigorous Cyber Security Inspection (CSI) conducted at Navy Surface Warfare Center, Port Hueneme (NSWC PHD).
Directed by United States Cyber Command (USCYBERCOM) responsible for setting “Cyber policy” for the entire Department of Defense (DoD) enterprise, CSIs are a comprehensive, graded inspection involving all Cyber Security areas to ensure DoD networks are compliant with directives and guidance. The U.S. Fleet Cyber Command (FLTCYBERCOM)/Tenth Fleet (C10F) Office of Compliance and Assessment (OCA) team of 13 Cyber Security Professionals conducted the inspection from 12 – 16 May, 2014 consisting of a Navy Captain (Officer in Charge), a technical Team Lead, Technical Reviewers and Navy Information Operations Command (NIOC) network scanners (Blue Team Assessment). The NDTI team worked diligently and effectively to achieve CSI compliance as determined by the FLTCYBERCOM requirements by addressing all of the Security Technical Implementation Guide (STIG’s) applicable to the environments inspected and ensured these environments were in a state to have a minimum amount of open findings. The preparation consisted of performing technical configuration, applying best practices, verifying/instituting vulnerability management (i.e. patches, Information Assurance Vulnerability Alerts (IAVAs)) and verifying/creating policy documentation. In preparation, the team thoroughly examined all pertinent STIGs, reviewed thousands of policy rules and numerous Communications Tasking Orders (CTOs), updated appropriate documents, and performed numerous reconfigurations or patches. NSWC PHD’s CIO recognized NDTI for “displayed superb professionalism in every area its expertise touched upon, from project management and network engineering to system administration, IA services, C&A, programming, and help desk.” The CSI Team Officer in Charge repeatedly mentioned how impressed he was with the technical knowledge of NDTIs IT and IA personnel they interacted with.
“At many commands when an inspector asks a question of the technical POC, all he or she gets back is silence, but at PHD the people in charge of systems really were in charge, and knew all that could be expected of them.”