Securing and Protecting Citizen Information through Continuous Monitoring
Background: The Department of Education awarded Fulcrum an Information Assurance (IA) Support Services contract to provide IA solutions in support of the Office of the Chief Information Officer (OCIO). Fulcrum was awarded tasks under the Blank Purchase Agreement (BPA) for Continuous Monitoring and Data Loss Prevention.
Impact: Fulcrum analyzed the market space, acquired, installed, and successfully demonstrated a solution to monitor the current security posture of the Department continuously. Subsequently, Fulcrum developed a concept of operations, architecture, and roadmap to guide the implementation of an automated continuous monitoring solution for all departmental endpoints in accordance with Federal Government Guidelines. This project resulted in the immediate improvement of the risk posture through the identification and remediation of numerous FISMA reportable vulnerabilities and established the ongoing cyber security reporting and metrics program. Additionally, the project outputs provided the foundation for the standup of an internal Security Operations Center (SOC) which allowed the migration of these services from another Federal Agency.
Title: Transforming the Nations Report Card through Technological Innovation
Background:In 2002, the Department of Education awarded the Web Technology Operations Maintenance and Development (WTDOM) contract to Fulcrum to provide Infrastructure support for 4,000 users in support of the National Assessment of Educational Progress (NAEP) that assessed up to 2,000,000 students per year.
Impact:What began more than 11 years ago as infrastructure support has extended across three successive contracts with an expanded scope based on our stellar performance and innovative ideas. Fulcrum helped move NAEP from paper and pencil to computer based assessments that saves the Department millions of dollars per year, accurately captures 100% of student responses, captures student observable data that helps to improve the design of future assessments, and helps to reduce the carbon footprint associated with the administration of data collection for the Nation’s Report Card. Fulcrum not only plays a significant role in the capture of NAEP data, but has implemented a number of innovations related to how NAEP presents data to the public. This includes the development of a customized content management system that has increased the accuracy and efficiency of the development of NAEP reports while also ensuring that all web and print products adhere to department guidelines. Fulcrum has developed an Android and iOS mobile application to assist in the outreach of NAEP data to students, parents and educators, and has redesigned the NAEP public website which has resulted in a significant increase in the number of visitors to the website.
Collaboration and Consolidation for the Administrative Office of the U.S. Courts
Background:The Administrative Office (AO) of the U.S. Courts awarded the Web Hosting contract to Fulcrum to provide support for multiple internal and external hosted websites for the Third Branch, the Federal Judiciary. This support included two intranet sites -- one for the entire Judiciary and an AO intranet site, as well as the primary external site www.uscourts.gov. The contract originated as both platform (Sun Solaris) and services (web & db) support, but as technologies evolved, the solution evolved into solely Web Services.
Impact:Fulcrum has implemented several new hosting architectures, including an external Drupal multisite for the hosting of more than 20 Court websites, as well as a migration of the primary intranet site to Drupal. The new web architectures provide much higher performance, necessary for Drupal and other dynamic content. In addition, these migrations led to many additional tools being deployed by the contract team for Development support; these tools have enhanced workflow and improved efficiencies within the AO. These enhancements to hosting services have enabled Courts and Program Offices to use centralized AO services to consolidate hosting of applications and support into a single Hosted Infrastructure that has improved availability and enabled them to save significantly in support costs.
Enabling Risk-based decisions at NRC
Background:The Nuclear Regulatory Commission (NRC) tasked Fulcrum with implementing a cyber security sensor data and cyber intelligence situational awareness solution.
Impact:Fulcrum is providing NRC with a cyber risk decision support system which captures the agency’s risk portfolio and allocates it across the IT systems by calculating a dollars value for each component of risk. The system utilizes all existing data feeds to aggregate, quantify, monetize, and allocate risks. Agency stakeholders view the risk information in a series of customized dashboards utilizing the Agency’s existing IT operations infrastructure. The dashboards provide cyber risk information enabling the optimization of investments and resource allocation decisions thereby minimizing the losses caused by cyber incidents. Utilizing the most up-to-date information, NRC personnel measure and can analyze the cyber risks of their systems and take informed risk-based actions immediately.