CTS maintains comprehensive security program management that provides policy management, compliance management, continuity services, and auditing services, as well as security operations. Security operations include network security, incident handling, vulnerability management, data security, risk management, audit logging, and access control management.
Service is provided for customer and enterprise applications within the CTS end-user infrastructure and USDA data centers at Fort Worth, TX and Salt Lake City.
What is included
- Operations Security: Services provided include intrusion detection and prevention (IDS/IPS), content filtering, vulnerability scanning and remediation, audit logging/monitoring, risk management, and security patch management.
- Cyber Incident Management: Incident management and forensic collection and analysis are provided for reporting and remediation of security issues.
- Data Security: Services provided include encryption, media sanitization, malicious code protection, and application security support.
Security Program Management: CTS provides information and assurance that CTS services comply with mandatory security controls to include:
- Risk Management Framework for security categorization, security control selection and implementation, control assessment, information system authorization, and continuous control monitoring.
- FISMA compliance for CTS-provided services.
- Standards and guidelines for providing adequate information security for all agency operations and assets.
- Continuity Services: This service offering covers all requirements for contingency planning in accordance with the NIST SP 800-34 Contingency Planning Guide for Federal Information Systems and as specified under the Homeland Security requirements administered by FEMA. This service covers support for Continuity of Operations Planning (COOP), Contingency Planning, and Disaster Recovery/Testing.
- Personnel Security: This service provides security training, awareness, and completion of security agreements.
- Access Control Support: User access requests and daily, quarterly, and annual access reports are provided to support access control programs.
How We Charge
Security costs are fully integrated into CTS' services.
Service Level Metrics
Security Compliance, Operations and Program Management Performance Measurements
|Performance||Performance Measure||Performance Target|
Security Incident Notification Time reportable to USDA/OCIO/OIS
Customer Alert less than 30 minutes after discovery or within Cyber Security guidelines
Respond and Assess less than 4 hours
OCIO CTS Response Time – USDA/OCIO/OIS Incident Notification Time
Review and provide assessment less than 3 business days
Duration of Incident Resolution OCIO/CS Timeline Requirement (varies per incident type)
Incident Resolution Time – OCIO/CS Incident Notification Time
Completion of task quarterly
Months in FISMA compliance ÷ 12 (Rolling Average)
Scanning is limited to systems connected directly to the OCIO CTS network environment.
|Microsoft® Vulnerability Remediation||Vulnerability Assessment - No critical vulnerability on a publicly available system - OIS green scorecard|
|Vulnerabilities per Endpoint||Vulnerability Assessment - The ratio of total vulnerabilities to the number of endpoints according to USDA's BigFix inventory - OIS green scorecard (OIS is reworking the scorecard and this metric is likely to need to change)|
Measurement Tool - OCIO CTS Logs, OCIO CTS Scan Database Reports and OIS green scorecard
Reporting is subject to baseline measurements and vendor limitations.
Cost Savings Tips
- Respond to suspected threats quickly to prevent attacks from spreading.
- IT security training, awareness, and the completion of security agreements give users the needed tools and information to protect an agency's vital information resources.
- Prevent the loss of important information or decrease the impact of a disaster by having COOP, Contingency Planning, and Disaster Recovery/Testing.
- Provide a controlled configuration management facility to ensure greater uptime of IT systems.
- Protect sensitive information whether it's stored on a desktop, laptop, smartphone, tablet, removable storage media, an email server, or even the corporate network.