Our Solutions > Cyber/Risk Management
Artel delivers a full portfolio of cybersecurity/risk management solutions designed to operate within the stringent DoD environment. Artel reviewed the Risk Management Framework (RMF) prior to DoD adoption and subsequently led DISA’s Cross Domain Enterprise Solutions (CDES) DIACAP-to-RMF transition.
Our Cross Domain Enterprise Solutions
- Risk assessments and mitigation activities
- Risk Decision Authority Criteria (RDAC) analysis of all guards placed on NSA/DISA/DoD-approved guard list
- Customized templates and processes for the RMF Certification and Accreditation (C&A) process
- Supply chain risk management
- Vulnerability scanning and IAVA compliance
- Vetting of customer requirements for new technology solutions
- System Security Plan development to ensure integration of DoD, FISMA, NIST, and other federal mandates into all processes
- Assessment of security controls via Security Test and Evaluation and Security Assessment Reports
- Continuous monitoring to manage and remediate identified weaknesses
- Tracking of existing and emerging IA policies and trends
- Independent Verification and Validation, and Security Test & Evaluation
- Certification Testing and Evaluation (CT&E) and pre-CT&E of new technologies
- Technology-specific Security Test Plans, Security Test Reports, and Security Test Executive Summaries
Cross Domain Enterprise Solutions (CDES) Case Study
The U.S. Department of Defense (DoD) needed enterprise-wide, cross-domain solutions risk management, security testing, and certification and accreditation (C&A) support that could evolve to support critical customer missions. For more than 12 years, Artel has provided personnel, supervision, management, and technical services to perform Cross Domain Testing and C&A support for implementation by the Defense Information Systems Agency’s (DISA’s) Infrastructure Development Directorate, Cross Domain Branch (ID32) and Combatant Commands, Services, and Agencies. As with all Government agencies, DISA has been faced with growing mission requirements but dwindling funding.
Artel acts as a trusted partner, offering unbiased and fresh views to reveal deltas between requirements and deliverables, software and security defects, and vulnerabilities that otherwise cannot be detected and identified. Since beginning the CDES program, Artel’s C&A and testing operations have increased by nearly 360%. As the cumulative number of tests increased, the number of pages per test event skyrocketed with the use of NIST 800-53. Sensitive to DISA budget constraints, Artel developed template test plans and conducted Cyber and Risk Management testing using special methodologies, tools, knowledge, and skills to exceed performance standards.
To improve performance and increase efficiency, our team completely restructured the Security Test and Evaluation (ST&E) format to comply with NIST 800-57 and the Risk Management Framework. We also developed test procedures for binary data, a new cross-domain solutions (CDS) data type that had never been tested in a CDS product for a CDS environment. We performed Independent Verification and Validation (IV&V) on product patches and configurations that had been previously tested, but were found to have a possible vulnerabilities. Artel’s CDES team comprises security professionals, test engineers, and Certified Ethical Hackers with CISSP, CRISC, Security+, and SSCP credentials.
Our daily performance encompasses:
- Security Test and Evaluation (ST&E)
- Operational Test and Evaluation (OT&E)
- Government Acceptance Testing (GAT)
- Certification and Accreditation (CDA)
- Certification Testing and Evaluation CT&E
- Independent Verification and Validation (IV&V)
- Performance and Functional Testing (PFT)
- Patch/Version Testing (PVT)
Interested in finding out how Artel delivers secure communications?
Artel provides secure network communication solutions that ensure reliable connectivity and provide cost-effective delivery of global terrestrial, satellite, cyber, and IT services