Our engineers have been embedded at Smithsonian for nearly two decades providing A&A, pen testing, training, business continuity, & more.
TDI has been providing cybersecurity support services to The Smithsonian for the better part of two decades. Our efforts include performing Assessment and Authorization (A&A) efforts on many of the Institution’s Major Systems. We work extensively with system owners to provide cyber guidance and develop methods of remediating identified vulnerabilities. We also assist the Information Technology Security Staff with cyber documentation, compliance issues, and audit findings. The Smithsonian OCIO/ITSS noted that TDI “made significant contributions in completing two big IT Security milestones at the Smithsonian Institution,” mentioning, while referencing our work on this task, that “FISMA auditors noted that control testing & evidence was significantly improved by the Smithsonian.”
TDI also provides Information System Security Officer support for various systems with responsibilities to support POA&M/Audit Findings, log reviews, PCI Compliance issues, system documentation, and system compliance.
We have also maintained and operated firewalls and the IDS infrastructure at the Smithsonian along with other Security Operations Center support. The tasks associated with these projects include the full spectrum of systems management such as rules configuration, traffic control, network anomaly detection, incident monitoring and remediation, compliance reports generation, etc.
TDI also conducted numerous security, risk, and vulnerability assessments for the Smithsonian to ensure a high security posture for their systems, networks, and applications. Our staff performed vulnerability assessments and penetration tests. We also examined the security controls built into numerous SI applications. We assessed these applications to determine their configuration, integration within SI’s network, and vulnerabilities that existed.
Our countless efforts also included cyber training, incident response, disaster recovery table-top testing, business continuity strategy development, security baseline builds, privacy impact assessments, and so much more. In short, when talking about cybersecurity at the Smithsonian, it would be remiss not to mention TDI.