Cybersecurity: Leadership, innovations and advanced solutions

Cybersecurity: Leadership, innovations and advanced solutions

February 2021

The rise of cyber security incidents in U.S. federal government agencies

In the past year, a record number of cyber security incidents-28,591-were reported by U.S. federal government agencies to the U.S. Department of Homeland Security (DHS).

The U.S. Government Accountability Office (GAO) has made more than 3,000 recommendations in the past several years to U.S. federal agencies to address cybersecurity shortcomings. GAO reports that about 600 of the 3,000 cybersecurity recommendations had not been fully implemented as of September 2020. Of the 600 cybersecurity recommendations yet to be fully implemented, GAO designated 75 as cybersecurity priority recommendations-meaning that GAO believes these recommendations warrant priority attention from the heads of federal departments and agencies. Until the GAO-stated 75 cybersecurity priority recommendations are fully implemented, U.S. federal IT systems and data will be increasingly susceptible to cyber threats, cyberattacks and costly data breaches.

Perspecta cybersecurity: Leadership by example

The advancement of cybersecurity services and solutions to support U.S. federal, state, and local government is a top strategic priority for Perspecta. As a result, numerous strategic investments have been made and new cybersecurity capabilities have been developed including the following:

• • Cybersecurity leadership team (CLT): an enterprise-wide team of senior executives including the chief technology officer and members of our business groups, business development, Perspecta Labs and our offerings and solutions group. Led by the corporate Vice President of Cybersecurity Gregory Garrett, the team regularly meets to share cybersecurity trends, technologies, tools, techniques, case studies and best practices to advance cybersecurity capabilities for the U.S. public sector

• • Cybersecurity community of practice (COP): an established community of practice which allows Perspecta's nearly 14,000 IT and cybersecurity professionals to meet virtually and share information about common cybersecurity policies, plans, technologies, systems, tools, etc. The Cybersecurity COP sponsors monthly cybersecurity webinars to educate members and has formed virtual subject matter expert groups on specific cybersecurity topic areas including identity, credential and access management, zero trust, cybersecurity governance, risk and compliance (GRC) and cybersecurity managed services

• • Perspecta office in Augusta, Georgia: located at the Georgia Cyber Center, a center created by a public and private partnership among state and federal governments, academia and the private sector to fulfill a vision for solving complex cybersecurity challenges, Perspecta's office supports the growth of the U.S. Army Cyber Command at Fort Gordon. We provide state-of-the-art cybersecurity facilities for software development, cyber operations and software testing to support U.S. federal, state and local government agencies

• • Cyber forensics lab: a lab built to conduct software forensics analysis, malware testing, cybersecurity analyst training, software testing, penetration testing, systems integration testing and more

• • Cybersecurity Independent Research and Development (IRAD): Perspecta has funded and implemented numerous cybersecurity IRAD projects to advance cybersecurity technologies, develop new cybersecurity tools and services and expand cybersecurity offerings and solutions for the U.S. public sector

• • Perspecta Labs-cybersecurity research and development (R&D): our expert team of 350+ researchers at Perspecta Labs work with many leading U.S. colleges and universities to conduct U.S. government-funded research and development projects on a wide range of IT, mobile communications and cybersecurity projects. Many of these cybersecurity R&D projects have resulted in the development of new advanced cybersecurity software and solutions

• • Perspecta cybersecurity strategic business partnerships: we invest time and resources to build long-term strategic business partnerships with leading cybersecurity software, hardware and services companies including Microsoft, Symantec, Cisco and ServiceNow. For example, Perspecta is a ServiceNow Elite Partner and has invested significant resources and independent R&D to develop a unique cybersecurity application programmable interface to integrate Tenable vulnerability scanning information into the ServiceNow GRC, vulnerability management and incident response management modules

• • Cybersecurity offerings asset repository (OAR) and innovation library: our offerings and solutions group has developed a database of Perspecta cybersecurity artifacts including capabilities statements, case studies, customer presentations, white papers, service descriptions, statements of work, training materials, webinars, videos and much more to provide real-time customer support

• • Cybersecurity thought leadership and outreach: our cybersecurity leadership is actively engaged in creating and providing cybersecurity thought leadership via webinars, podcasts, speaking opportunities at government-sponsored industry days and numerous published cybersecurity white papers, articles and books

Case Study: Enterprise cybersecurity as a service

Since 2013 Perspecta has successfully served as the prime government contractor for a large U.S. federal government civilian agency. We have provided the government agency a secure delivery of services to its customers by ensuring compliance with U.S. federal, National Institute of Standards and Technology (NIST), agency and related IT and cybersecurity policies, regulations and directives and by implementing cybersecurity best practices. By implementing Perspecta's cybersecurity as a service (CaaS) solution, the government agency has significantly reduced operational risk and improved enterprise cyber defense performance results.

The government agency contract required the phased transition from level of effort-based cyber staff augmentation to a performance-based contract with a performance work statement (PWS), acceptable quality levels (AQL) and a disincentives plan implementing a comprehensive enterprise portfolio of cybersecurity managed services using a CaaS model. The Perspecta CaaS model allows the government to scale up or scale down systems and services as needed.

The CaaS contract scope of work includes:

Security	Information system	Governance, risk	Communications	Cybersecurity
operations center	security o icer	and compliance	security	engineering

CaaS program key facts:

Consists of more than 125 operational FISMA systems

Enterprise deployment of SplunkImplementation of continuous diagnostics and mitigationImplementation of SOAR, Cyberhunt and penetration testing systems and toolsEstablished continuous

ATO with common controls programServe as FedRAMP SME for all cloud systems

Perspecta cybersecurity innovations and advanced solutions

Perspecta's team of professionals continuously develop new IT and cybersecurity innovations to enhance digital transformation and data security for our U.S. federal, state and local government customers.

Perspecta both creates and leverages cybersecurity innovations through our internal IRAD program, our cyber forensics lab, an extensive network of university alliances, our strategic business partnerships with leading technology companies and our transformative applied research hub, Perspecta Labs. With 280+ issued and licensed patents and 350+ scientists, engineers and analysts, Perspecta Labs has served as a leading provider of cybersecurity R&D for the Defense Advanced Research Projects Agency, U.S. Army Research Labs and the Intelligence Advanced Research Projects Agency.

The following are just a few of the many cybersecurity innovations and advanced solutions developed by Perspecta Labs:

• • Computer network defense (CND): features real-time, zero day malware detection and response via artificial intelligence (AI) with automated anomaly and specification-based intrusion detection correlated across hosts and networks

• • Security for wireless networks and smart devices: provides automated AI-based security for mobile ad hoc networks with secure data-in-transit, two layers of encryption and secure multicast communications

• • CyberVAN: a cyber range designed for training security operations center (SOC) analysts and other cybersecurity employees anytime and anywhere using simulated military and intelligence networks and simulated cyberattacks. CyberVAN can also be used for security testing of software for a diverse array of malware and cyberattack scenarios

• • VulnerVAN: a software tool designed to develop customized cyberattack scenarios leveraging the MITRE ATT&CK cyberattack framework, designed for use with CyberVAN

• • EnergyDefender: a multi-axis cyber integrity solution that analyzes traffic, power, binary integrity and cyber emissions to support defensive cyber operations and hunt cyber-weapons in SCADA environments

• • SecureSmart: a commercially deployed cybersecurity continuous monitoring service and Cyber CatalystSM solution for advanced metering, distribution automation and smart city infrastructure that intercepts and analyzes wireless low power, wide area network traffic

• • Customized information networks for deception and attack mitigation (CINDAM): leverages AI and software-defined networking (SDN) to create temporary, individualized, deceptive environments to confuse attackers and redirect them to honeypots

• • DDoS Defender: significantly improves cyber resilience against distributed denial of service (DDoS) cyberattacks by automatically dispersing cyber assets, disguising characteristics / behaviors of these assets and mitigating cyberattacks

• • Distributed, assured and dynamic configuration (DADC): automated network and cloud security configuration capability to enforce security policies and reduce vulnerabilities and manpower requirements

• • Z-Day: a real-time AI-based situation monitoring of behaviors, resource usage and communication of software applications and hosts capable of suggesting and taking actions to curb cyberattacks yet maintain enterprise and mission operation

Summary

Perspecta is a leading provider of integrated cybersecurity solutions for the U.S. public sector. From the top-down, Perspecta is committed to enhancing cybersecurity by investing in the best cybersecurity talent in the market, conducting extensive cybersecurity research and development into advanced solutions at Perspecta Labs and creating state-of-the-art cybersecurity facilities such as our Cyber Impact Center at Annapolis Junction, Maryland and our cyber forensics lab. Perspecta's cybersecurity leadership team is focused on leveraging all of its talent, resources and strategic partners to support the U.S. public sector in solving the increasingly complex cybersecurity challenges of today and tomorrow.