Print Email

Cyber Security

000026867366---Cyber-security-300

Fulcrum is a Cyber Security leader providing cutting-edge services across the Federal Government. We deliver business/cyber solutions that integrate seamlessly into business processes and metrics. Our solutions manage risk, optimize security resource allocations, and thereby assure the confidentiality, integrity, and availability of business processes and information.

Systems Operations and Planning Support

  • Federal Information Security Management Act (FISMA) compliance and reporting (CyberScope, OMB-300, and OMB-53)
  • Certification and Accreditation support
  • National Institute of Standards and Technology (NIST) SP 800-53 control implementation and monitoring
  • Independent Verification and Validation
  • Cyber Security policy review and formulation
  • Disaster planning and continuity of operations (COOP) planning
  • Log and event management
  • Data loss prevention
  • Vulnerability identification and remediation (NVD, IAVA, IAVB, and TA)
  • Security incident alert and response
  • Cyber role-based training
  • Information system security engineering

Advanced Technology Integration

  • Enterprise cyber risk management
  • Continuous monitoring
  • Ongoing Authorization

US Department of Education

Fulcrum analyzed the market space, acquired, installed, and successfully demonstrated a solution to monitor the current security posture of the Department continuously and subsequently developed a concept of operations, architecture, and roadmap to guide the implementation of an automated continuous monitoring solution for all Departmental endpoints in accordance with Federal Government guidelines. Fulcrum developed all the necessary product requirements, product analyses, architectures, processes, use cases, and schedules for implementing an enterprise solution that meets Departmental requirements, federal policy, and industry best practices, as well as conforms to the Government’s recommended reference architecture.

Fulcrum also provided requirements gathering, requirements analysis, market analysis, product testing and product analysis to inform the selection of an enterprise Data Loss Prevention solution that addressed data exfiltration issues; supported continuous monitoring, incident handling, and response; and computer forensic analysis for the Department.

Nuclear Regulatory Commission (NRC)

Fulcrum is providing a solution to aggregate cyber security sensor data and cyber intelligence data into a fused cyber awareness solution that depicts a risk profile for the NRC. We then allocate the risk profile across the organization and using business metrics, between organizational entities. The tasks accomplished include consulting, requirements collection, architecture, and engineering support to implement an enterprise continuous monitoring solution that integrates existing cyber security capabilities with the Department of Homeland Security’s Continuous Diagnostic and Monitoring program.

Army Intelligence and Security Command (INSCOM) Futures Directorate

Fulcrum supports the Army Intelligence and Security Command (INSCOM) Futures Directorate in the design/implementation of new infrastructure to update its current Defense Common Ground System – Army (DCGS-A). Fulcrum’s cyber related duties include the ongoing certification and accreditation of the system and staffing a 24x7x365 network and security monitoring facility. As part of our IA responsibilities for this effort, we routinely monitor, assess, test, and apply Information Assurance Vulnerability Alerts (IAVAs) for the system.

United States Special Operations Command (USSOCOM)

Fulcrum provides support to the unified combatant command, United States Special Operations Command (USSOCOM) in its mission to train and equip the Special Operations Forces (SOF) to perform its wartime missions anywhere in the world.

Fulcrum assists in the monitoring of the overall network, resolving enterprise system faults and implementing approved security policies and procedures. We provide customer support 24x7x365, perform real-time bandwidth load management, and manage enterprise-wide performance. Fulcrum maintains security awareness via continuous monitoring of Special Operations Command (SOCOM) networks and responding to network intrusion, virus, malicious code attacks, or change of Information Operations Condition (INFOCON). We also perform vulnerability analyses and network audits, as well as security testing of all new or upgraded software or hardware.

This program is a Capability Maturity Model Integration (CMMI) Level 3 project, utilizing ISO 9001:2008, ITIL, and Project Management Institute (PMI) principles--all of which are Fulcrum capabilities.

Navy Systems Support Group (NSSG)

Fulcrum supports the Navy Systems Support Group (NSSG) and the SUPervisor SHIP Building (SUPSHIP) Automated Information Support Center at the Norfolk Navy Shipyard in Portsmouth, Virginia by operating and maintaining the Naval Sea Systems Command (NAVSEA) Shipyard corporate network and the SUPSHIP data center infrastructure. The program also requires Fulcrum to provide the administration and management of the Shipyard Application Development environment and the Supervisor of Shipbuilding (SUPSHIP) planning and execution applications.

Fulcrum is a valued member of the Corporate Server Configuration Control Board for determining guidance, direction, and strategies for all shipyards with regard IA issues, policies, and configurations. Fulcrum monitors, analyzes, and implements Information Assurance Vulnerability Alerts/Bulletins (IAVA/IAVB) configuration changes mandated for securing networks against malicious attack. This work requires proactively analyzing the network environment to identify security vulnerabilities, monitor network activity for unauthorized intrusions, and notify Government managers about recommended solutions. Fulcrum researches, evaluates, tests, and implements router, firewall, and other network configuration changes to achieve and maintain DoD Information Assurance Certification and Accreditation Process (DIACAP) compliance and maintain an appropriate level of security for the network.