As MSC’s partner, TDI designed, implemented, & operated a continuous framework to identify & manage vulnerabilities across MSC’s vast fleet.
The Military Sealift Command (MSC) operates ships for the U.S. Navy and the entire Department of Defense (DoD). Providing ocean transportation globally, MSC relies on sound cybersecurity measures in its operations. TDI supported MSC as an expert to assist with their cybersecurity needs in their entirety. TDI led an extremely experienced and highly-skilled team to support MSC across all of their operating environments, including both Afloat and Ashore. TDI also provided direct administrative cyber support to the Afloat Information Assurance Manager (IAM).
From a cybersecurity support services perspective, TDI exceeded all of MSC’s requirements. Despite the highly dynamic and fast-paced Afloat Information Assurance (IA) environment that involves a multitude of contractors and government groups supporting various cybersecurity activities, TDI introduced standardization, automation, and streamlined processes into the Information Assurance Vulnerability Management (IAVM) management process. TDI’s standardized approach to patching, scanning and analysis of scan results and vulnerability trends enabled the Afloat IAM to improve the effectiveness of the overall IAVM program through more precise and targeted remediation actions to the fleet, resulting in an improved security posture for the fleet.
As an example, for a period of five months, TDI assisted the Afloat IAM in achieving over a 60% reduction in the number of total reported vulnerabilities in the fleet. In addition, TDI was successful in reducing the highest concentration of reported vulnerabilities from the majority of vulnerabilities being over 120 days overdue, to the largest percentage of vulnerabilities being under 60 days overdue. During the same timeframe, TDI increased the number of ships that MSC was reporting accurately by over 30%. TDI’s reporting to increased MSC’s overall IAVM awareness of their Afloat Environment. This, in turn, led to a more robust process for conducting more accurate and timely Retina scans.
TDI’s approach to providing computer network attack/security assessment support to the MSC Fleet was exemplary. TDI used both automated scans and manual validation and verification to reduce false positives and ensure automated scans were always augmented by a human factor. TDI provided a results summary, mapping identified vulnerabilities to industry- and government-standard vulnerability databases. TDI developed ship activity reports that summarized all attack activities. Our Patch Development Process used successively cumulative ships scans and assessment results to identify distinct patterns in the vulnerabilities common across the fleet. Subsequently, we developed remediation strategies for the afloat sites which result in more widely applicable and cost effective remediation solutions for the fleet.
TDI’s engineers invoked a Business Process Improvement function across all the IA Admin activities – conducting industry research, evaluating emerging IA and cybersecurity guidance and policy, and continually compiling and assessing “lessons learned” in supporting the MSC Fleet, in order to provide MSC IA Leadership with ideas and recommendations on how to streamline the MSC’s Security Program and enhance the IA functions and technologies used to assess and enhance the security posture of Afloat systems and sites.
From an A&A perspective, TDI exceled in terms of technical services and delivery of A&A related activities and artifacts in support of the Afloat Environment. TDI performed A&A activities in support of the entire DIACAP Life-cycle for MSC’s Afloat Environment. TDI managed the assembly and submission of Site/System/Type/Platform IT (PIT) packages. TDI developed in-house checklists and review procedures, based on discussions with the Navy CA and NAO, to improve the quality of A&A packages and more effectively conform to emerging guidance and policy from these external entities. We developed realistic and attainable A&A Project Plans, along with comprehensive plans and timelines to manage the required activities. While implementing the plan, TDI produced all related documents/artifacts which may include, but are not limited to, the DIACAP package (System Identification Profile (SIP), Scorecard, POA&Ms, DIACAP Implementation Plan), and appropriate supporting artifacts (Concept of Operations (CONOPS), System Security Plan (SSP), etc).
As new A&A requirements emerged, TDI was always willing to support MSC. When new systems require additional cybersecurity engineering support – such as the hardening of the Next Generation Wideband (NGW) system, a new A&A effort such as the Navigation AIDS system (NAVAIDS), or the assumption of all Activity 4 support to accredited packages – TDI always came through for MSC. For example, TDI successfully achieved the accreditation of over a dozen MSC shipboard systems/networks platforms and leveraged the use of standardized templates and questionnaires by “ship class” to develop the initial packages for over 130 MSC ship site accreditations.
TDI was also directly involved in assisting MSC IA Leadership with their initiative to make the MSC Fleet into a key stakeholder in managing their own cyber health. TDI consistently provided On-The-Job-Training (OJT) to civilian mariners (CIVMAR) while aboard ship to provide scanning and patching assistance. TDI performed a variety of services during these visits to include assisting with Annual Security Reviews, Scanning, Patching, providing formal cybersecurity training, and assisting in troubleshooting information systems. As an example, the USNS GRASP recognized TDI for the value of the training their personnel provided to the ship’s crew while onboard to provide routine scanning and patching assistance.
The expertise, dedication, and commitment of our personnel in support of MSC was exemplary and the results reflected in the improved security posture of MSC’s Afloat Environment underscores that quality.