TDI moved HUD into a regimented cybersecurity program via gap analyses, risk & vulnerability assessments & developing comprehensive policies.

TDI brought exceptional expertise to support the U.S. Department of Housing and Urban Development (HUD), Office of Chief Information Officer (OCIO). Using our proven Information Security Policy creation model, TDI supported the OCIO in meeting their IT security and infrastructure protection requirements. We provided both compliance related support (e.g., policy review, guidance, and compliance audits), as well as technical services (e.g., security audits, vulnerability assessments, and security product implementation). In support of this effort, TDI also enhanced the department’s Critical Infrastructure Protection Plan (CIPP).

In support of the HUD OCIO’s mission, our highly qualified staff conducted a gap analysis, developed a recommendations report, developed a security policy, reviewed HUD’s critical assets, revised the critical infrastructure protection plan (CIPP), updated the Software Risk Assessment, and recommended countermeasures to mitigate application vulnerabilities.

TDI provided both program management and technical expertise. In fact, our personnel were integrated into each and every subtask of this project. Managing the program allowed us to oversee all of the intrinsic processes that occurred. In addition, we provided the critical role of Lead Security Engineer in support of all tasks within this effort, ranging from interviews, audits, document reviews, policy design and derivation, and development of the CIPP.

TDI developed a time tested Information Security Policy creation model that has been successfully used to develop comprehensive policies at both government and commercial organizations such as: USAC, NIH, The Smithsonian Institution, the USMC, and Monster.com

TDI first conducted a gap analysis that encompassed a review of existing information security plans, and policies, standards, procedures, and guidelines, and compared them against numerous security requirements. This approach ensured that risks to the HUD infrastructure and mission were identified. We then developed a formal recommendations report that was developed based on the results of the gap analysis, audit findings, and personnel interviews. The report listed the specific gap, any risks that may be identified, and the results of the interviews with HUD personnel. The recommendations report was used to highlight risks associated with the shortfalls and the immediate remediation or mitigation required. TDI worked collaboratively with the HUD OCIO to prioritize the implementation of corrective actions and modifications to policy. Included in the report was a recommended implementation plan to help HUD effectively protect its critical infrastructure.

Once the formal recommendations report was approved, TDI developed a security policy manual that incorporated policy and reference gaps, and corrections to prior audit issues. The approach to developing the policy was a unified approach to developing security policies and plans throughout the organization’s program areas. The prioritization was a collaborative effort between TDI and HUD. Upon delivery of the Final Security Policy document, TDI delivered a briefing that summarized the task. The briefings included activities, issues, resolution, deliverables, lessons learned, and additional recommendations for HUD to consider. The end result was a stable and effective security framework that guide’s the organization in the protection of its critical infrastructure.

Testimonials

Don’t take it from us, hear what our clients have to say about TDI

“TDI’s approach to Managed Cybersecurity Performance (MCP) has been a game changer for us. We now have added visibility and insight to better understand risk and the ROI (return on investment) we’re receiving from our other security provider. Our security program continues to mature and we’re able to maintain continuous compliance. MCP gives me one less thing to worry about and frankly makes my job easier.””
Johnny Yang
Director Information Security & Compliance
“TDI always provides top notch personnel that meet or exceed the requirements of the contract. Their deliverables, reports, and technical aptitude are bar none. We will continue to hire TDI … they always come through for us and our end customers.”
Emilio Gonzalez
Joint Strike Fighter Program Manager
“[TDI Employee] You are the Man !! Thanks so much for the quick turn around.”
W.A. Harrison
USAJOBS Program Office Deputy Program Director
“The most appealing part of the engagement was the development of the 10-year strategic security plan for our mutual client. The quality of the thinking and input into the deliverables was exceptional.”
Bruce Gnatowski
Director Verizon Global Services
“On behalf of MCSC, PdM TFITS, Manpower Team, I would like to express our appreciation for the excellence in leadership & teamwork demonstrated by [TDI Staff] over the past 18 months. Her role as a lead IA professional was carried out in a manner above and beyond expectations.”
Beverly Walker
USMC Manpower Branch Manager
“Highly skilled and knows their work. . . exceptional at task preparation & reduced time to perform tasks by 90%. TDI brings quality & care to the table. Lots of companies have good people, but TDI employees really care about the work they do & the collective customers we support.”
Deron Burba
Smithsonian CIO
“TDI and its staff provided high quality testing engagements followed up by concise easy to understand reports. They clearly showed adherence to tasks schedule and offer adequate frequency of client/customer interaction resulting in a very satisfied customer.”
Carla Little-Kopach
Chief, DARPA SSO BPA
“TDI has proven an invaluable asset to the mission of the CTO…have strengthened the overall IA posture of the DEA Enterprise…and continues to further innovate and provide solutions that help sharpen the overriding information technology goals and mission of the Office of the CTO.”
Mark Shafernich
CTO, DEA

Related Case Studies

All Case Studies
TDI made it smooth sailing for MSC on the sea of cybersecurity

MSC brought TDI in as its partner in cybersecurity, charged with designing, implementing, & operating a cybersecurity framework to continuously identify & manage vulnerabilities across its vast fleet.
Monster calls on TDI to support its cyber requirements and scare away risk

As Monster’s cybersecurity partner for over a decade, TDI helped Monster navigate the difficult waters of Federal compliance by conducting A&A & other cyber efforts delivering roadmaps to protection
TDI helped USAC so they could help those in need in the U.S.

TDI provided a broad range of cybersecurity compliance and technical services to USAC so they could securely fund the mission of the FCC to support urban, poor, and educational communities.

nSights Report


X