Subject: Cyber Operations Center (CyOC)
The Challenge:
Consolidated and efficient Information Assurance Vulnerability Management (IAVM) compliance, reporting, and monitoring was lacking within the client’s organization. Previous to the Cyber Operations Center (CyOC) formation, reporting was done loosely via manual and labor-intensive processes. This frustrated the organization’s leadership and their ability to track and address cyber compliance issues effectively. Compounding this issue, Military Treatment Facilities (MTFs) are well into the transition to the client’s Medical Community of Interest (Med-COI), which increased the number of reportable assets within the client’s area of responsibility. This led to multiple calls from higher headquarters to the client’s leadership, indicating growing non-compliance and increased risk.
The Solution:
Client leadership looked to Sentar and our government colleagues for a better solution, resulting in the design and formation of the Cyber Operations Center (CyOC). By consolidating inter-related resources (e.g., IAVM compliance, Incident Response, Boundary Defense), the CyOC was able to increase and enhance various continuous monitoring activities. Equally important, this formation provided the organization with a single functional resource for the DHA J-6 (CIO) for support questions and coordinated support response activities. The CyOC team created a portal for DHA subscribers to track active issuances and priority items coming from USCYBERCOM and JFHQ-DODIN. It also has established helpful links to all of the tools used within the CyOC for users to view, along with any documentation sent along with issuances or other compliance needs. We implemented weekly calls with the subscribers to ensure transparency across the enterprise on what is being reported, what is upcoming, and what is past due. The CyOC also reports directly to higher headquarters leadership every Thursday in the Commanders Update Brief, representing the Agency on all related matters.
The Mission Impact:
• Reduced Enterprise Risk:
The CyOC improves situational awareness of cyber vulnerabilities across the expanding client enterprise and ensures consistency of vulnerability assessment and remediation actions, and effective prioritization of resources to optimize mission risk.
• Improved Cyber Incident Response:
By combining Army MEDCOM and Navy Incident Response teams with the Cybersecurity Service Provider (CSSP), our client improved its coordinated approach to cyber incidents, both offensive and defensive, throughout the Military Health System (MHS) and various Areas of Operation (AOs).