Loading...
HomeMy WebLinkAboutDS.5 - CyberKrushComprehensive IT Solutions Your Guide to Efficient Network Management and Reliable User Support Network Management At the core of every successful business lies a robust network infrastructure. Our network management services ensure: Preventative Issue Resolution Customizable Scalable Solutions Network Performance Optimization Server Administration Efficient server administration is the backbone of a stable IT environment. Our services include: Server Setup Maintenance Security Patching Maintenance Backup Recovery Solutions Server Optimization Services Ready to go from “Zero to Hero” Security Enhancements Protecting your data and infrastructure from cyber threats is paramount. Our security enhancements encompass: Security System Implementation Security Audit Assessment Cybersecurity Training Programs Empowering your employees with reliable technical support is essential for smooth operations. Our user support services offer: IT Helpdesk Support Remote Troubleshooting Support Customized Support Plan Email: barryk@cyberkrush.com Phone: 724-689-2063 Website: https://cyberkrush.com/ User Support Contact US! Trust our experienced team to manage your IT infrastructure effectively, so you can focus on what matters most— growing your business. Let us be your partner in achieving IT excellence. Barry Kimmell Contact Information: barryk@cyberkrush.com , (724) 689-2063 Summary I am an Independent Consultant/Free Lance Information Security Professional and founder of CyberKrush LLC with over 14 years of experience conducting threat assessments, vulnerability assessments, and risk assessments for the United States Navy, and additional private sector experience for Draper, Raytheon, National Grid and Hanscom Federal Credit Union, and BAE. Professional Experience: Independent Consultant 06/2020 – Current • Help organizations with various frameworks to include ARS, CMS, ISO 27001, RMF, and briefly CMMC (crosswalk) • Help organizations with policy review, gap assessments, make recommendation based on findings, develop policies based around the RMF requirement 800-37 • Help organizations go from “0 to hero” with an average 2–3-year ATO outcome • Help organizations with all aspects of eMASS to include but not limited to the Controlexport and TRexport • Ensure organizations have a full understanding of what is “required” to include giving guidance on how to get become compliant based on their required framework • Help with technical pieces of their system is needed: o Setting up and maintain back up drives o Provisioning/Deprovisioning accounts o Setting up OUs on the network o Defining what GPO to enforce and setting them o Installing/removing software o User Troubleshooting • Manage multiple IT Projects to ensure successful delivery within budget and timeline • Manage budget in excess of 2 million dollars • Conduct regular project status meetings and provided progress updates to key stakeholders. • Collaborate with vendors and external partners to coordinate project activities and ensure seamless integration of services. • Monitor project budgets and expenses, tracking and controlling costs to meet financial targets. Abilene Christian University Course Developer/Adjunct Teacher 01/2020 – Current • Utilize variety of technologies and instructional methodologies to keep courses fresh and engaging. • Help students develop talent through range of exercises readings and discussions. • Lead Adjunct for several under-graduate Cybersecurity courses o ITA 460 Project Management for IT o ITA 475 Risk & Incident Plan & Responses o ITO 310 Intro Computer and Info Security o ITO 473 Cybersecurity Policy BAE Systems Manager, Information Security 07/18-12/2020 • Work with technology leadership to develop, plan, implement and provide oversight of an enterprise security program and roadmap • Analyzing and preparing reports for management on team goal achievement, workflow, p roductivity and performance • Create and maintain security architecture artifacts that can be used to leverage security capabilities in new initiatives and operations • Analyzes and prepares reports for management on team goal achievement, workflow, pro ductivity and performance • Directs day-to-day workflow and site management of team and associates • Engage with the information security program management team to ensure that projects a re scoped and designed in alignment with architecture models. • Raise awareness and adherence to secure development practices on development teams • Using a risk management approach, negotiating risk levels and response • Execute strategies to align department with business objectives and division goal • During yearly SVA with DCSA scored a “Superior” rating. • Knowledge of development and implementation of GPOs, Server hardening and Microso ft Clustering technologies • Manage Splunk user accounts (create, delete, modify, etc.) • Manage all aspects of information systems security as it applies to the SCI, SAP, and DoD community (NISPOM, NIST 800-37, NIST SP 800-53). The Charles Stark Laboratory Sr. Risk Manager/ Security Engineer 11/17-07/18 (Contract) • Provided system security support to Strategic Programs at Draper. Ensures all systems are compliant with all DISA STIG administrative and technical requirements. • Performs appropriate continuous monitoring and systems security testing and provides mitigation solutions for identified findings and patching requirements. • Ensured that proposed system changes are reviewed and that implemented system modifications do not adversely impact the security of the system. • Provided guidance for Computer Security needs based on the National Industrial Security Program Operating Manual, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Navy RMF, and Draper Policy and Procedures Manual for all levels of management and technical staff. • Responsible for inspection and revision of system plans for each accredited system. Documents changes to system plans and special security requirements as needed, and communicates these changes to Management Provides day-to-day support to the adherence of policies, procedures and best practices. • Prepared and wrote individualized and specialized system security plans for approval. Reviewed and revised these plans based upon the analysis/interpretation of the system components and the processing needs/objectives of each individual system custodian and user. • Developed component and physical architectures in collaboration with IT and the business to enable security-by-design that balances risks and opportunities for Draper Labs. • Developed and implemented GPOs, Server hardening and Microsoft Clustering technolog ies Hanscom Federal Credit Union 07/17 – 11/17 Information Security Risk Manager • Develop and organize standard toolkits and tool development repositories, and custom content within Splunk. • Ensured compliance in Business Continuity Planning, Incident Response Planning, and Risk Assessments across 13 branches. • Coordinate training and testing, tracks testing recommendations until completion, and updates the plan as needed to ensure compliance. • Performed annual business continuity planning, training, and testing which results in employees becoming more familiar with cyber security risks. • Coordinated with IT disaster recovery program and track test results. • Developed metrics and risk tolerance from credit union’s risk appetite statement. • Performed risk management reporting for the Risk Management Committee and Board. • Reviewed and consider new third-party vendor technology products, this lead to partnering with Knowbe4 for cyber awareness and Quantivate to help manage our Enterprise Risk Management, Business Impact Analysis, and vendor management. National Grid 12/16 – 07/17 (Contract) Cyber Security Incident Manager/Business Continuity Planner • Served as the Lead Cyber Security Incident Manager (CSIM) for a group of four personnel that led efforts across ITS including determination the criticality of an incident, appropriate containment, and mitigation activities. • During an active incident response, prioritize advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc. • Developed contingency plans to deal with organizational emergencies. • Managed the Cyber Incident Response Retainer Service on behalf of the CISO and recommend activation for incidents where assistance is required. • Developed the disaster recovery plans for physical locations with critical assets such as data centers. • Developed emergency management plans for recovery decision making and communications, continuity of critical departmental processes, or temporary shut- down of non-critical departments to ensure continuity of operation and governance • Supported the alignment between the Disaster Recovery and Business Continuity programs and Cyber Security Incident Response, including participation in Disaster Recovery testing activities. • Managed the alignment of ITS CSIR programs with other areas of groups to include: strategy, governance, risk and compliance, disaster recovery and business operations. • Acted as the lead for table-top exercises, which assess the effectiveness of cyber incident response capabilities across people, processes, and technology. • Prepared reports summarizing operational results, financial performance, or accomplishments of specified objectives, goals, or plans. Raytheon 08/16 – 12/16 (Contract) Senior Cyber Information Assurance Specialist I • Managed all aspects of information systems security as it applies to the SCI, SAP, and DoD community (NISPOM, NIST 800-37, NIST SP 800-53). • Develop and organize standard toolkits and tool development repositories, and custom content for log remediation within Splunk. • Assisted the Information System Security Officer (ISSO) on preparing the Information System Security Plans, Protection Profiles, etc. • Worked with GRC platforms to help in the guidance of finding gap analysis, risk analysis, and IT auditing. • Worked closely with local DSS, ODAA, and other government approval authorities to achieve system accreditation and maintain compliance for all collateral classified information systems. • Conducted regular AIS audits to ensure accredited systems are being operated securely and computer security policies and procedures are implemented as defined in security plans. • Provided technical and user support for numerous standalone and network systems to include routine backs-ups, virus updates, patches, service packs, and hot fixes, set-up of user accounts, password resets, adding/removing hardware and ensuring all secure related documentation is notated as required. • Supported the assessment and mitigation of system security threats and risks throughout the program life cycle which was based around the DoD RMF process 1- 6. • Implemented site procedures for marking, handling, and controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment containing classified information, this in returned helped when it came time for inventory as easy way to identify what assets we had on hand. United States Navy Information Assurance Office/Instructor 01/13 – current • Ensured Information Security and availability by conducting threat assessments, vulnerability assessments, and risk assessments. • Continually assess risk on network security posture before and after corrective actions taken. • Utilized the NISPOM chart to help in the decision scoring of vulnerability, subsequently assisting in assigning mitigation to the vulnerability. • Maintained and provide daily client support to over 200 Tier 1 end users on 113 workstations and 3 CISCO VoIP phones by ensuring the Confidentiality, Integrity, and Availability of network information. • Investigated internal security violations that occur on networks • Ensured proper chain of custody logs were filled out to ensure the integrity was not compromised. • Implemented a DoD-wide Public Key Infrastructure (PKI) to maintain the digital certificate life cycle, including issuance, suspension, and revocation. Processed system authorization access request for NIPR and SIPR networks. Audited user files for inappropriate access levels and protection from cyber-attacks. Military Police Officer 06/04 – 08/2012 • Supervised security dispatch center for various NAS Naval Station over a 12 year period containing roughly 2,500 personnel at any given time. • Used an array of specialized criminal investigative techniques to resolve investigations. Prepared reports of investigations and criminal intelligence reports detailing diverse contributing causes. Testified in administrative proceedings and court hearings • Investigate possible security breaches while conducting physical security checks to includes recommending mitigations • Analyzed and evaluated information to determine the appropriate course of criminal prosecution • Identified, collected, and seized documentary or physical evidence; processes crime scenes; assisted with interviews of witnesses and suspects. • Interviewed subjects, targets and witnesses for information verification and corroboration • Verified and authenticated the validity and admissibility of evidence and preserved its integrity for court hearings Clearance Active TS/SCI Clearance Education BS in Cyber Security- University of Maryland University College MS in Cyber Security Management- University of Maryland University College CyberKrush, LLC Barry Kimmell, Founder barryk@cyberkrush.com 724-689-2063 UEI: URLUJJ5X9L33 Cage Code: 9FM93 2 Let’s KRUSH your goal! Past Performance Over the past few years, CyberKrush, LLC has consistently demonstrated its commitment to effective risk management by implementing a robust framework. This framework has enabled us to proactively identify, assess, mitigate, and monitor risks across various projects and initiatives. Our accomplishments in this area have significantly contributed to our overall success and helped us maintain a strong position in the market. Here are some key highlights of our past performance in risk management: 1. Comprehensive Risk Identification: We have successfully developed a systematic approach to identify risks at every stage of our projects. Our teams have actively engaged stakeholders, conducted thorough analyses, and utilized various risk identification techniques to identify and document all potential risks. Doing so has minimized the chances of unexpected events impacting our projects negatively. 2. Rigorous Risk Assessment: Our organization has excelled in conducting comprehensive risk assessments once risks are identified. We have employed various qualitative and quantitative methods to assess the impact and likelihood of each risk. By assigning appropriate risk scores, we have prioritized our efforts and resources towards addressing the most critical risks first, ensuring effective risk mitigation. 3. Proactive Risk Mitigation: We have implemented proactive risk mitigation strategies to minimize the impact and likelihood of identified risks. Our organization has developed contingency plans, alternative methods, and risk response plans for each significant risk. We have prevented potential disruptions by addressing risks at their root causes and consistently met project objectives. 4. Robust Risk Monitoring: Our risk management framework includes a dynamic monitoring process to track identified risks continuously. We have established key risk indicators (KRIs) and implemented regular monitoring mechanisms to identify any changes in risk levels. By closely monitoring risks throughout the project lifecycle, we have been able to adapt and respond promptly to emerging threats. 5. Continuous Improvement: Our commitment to constant improvement in risk management is evident through our post-project reviews and lessons-learned sessions. We actively seek stakeholder feedback, analyze project outcomes, and update our risk management practices accordingly. This iterative approach has allowed us to continually enhance our risk management framework and adapt to new challenges and emerging risks. 6. Recognition and Compliance: External auditors and regulatory bodies have recognized and commended our risk management framework. We have consistently demonstrated compliance with industry best practices, standards, and regulations, giving our stakeholders confidence in our risk management capabilities. Our past risk management performance reflects our organization's dedication to proactive and effective risk management practices. By consistently implementing our risk management framework and achieving these accomplishments, we have positioned ourselves as a reliable and 3 Let’s KRUSH your goal! resilient organization capable of navigating complex challenges while ensuring the successful delivery of our projects. Recent Accomplishments: Achieving Authorization to Operate (ATO) using the Risk Management Framework (RMF)/ Federal Information Security Moderization Process FRAMACO In collaboration with FRAMACO, we successfully guided them through the RMF process to achieve Authorization to Operate (ATO) for their critical system. We began by comprehensively assessing their security posture, identifying potential risks, and documenting the necessary security controls. Through workshops and close collaboration with FRAMACO stakeholders, we developed a robust System Security Plan (SSP) that addressed all required rules and aligned with industry standards and regulatory requirements. Next, we assisted FRAMACO in implementing and integrating the necessary security controls into its system architecture. This involved establishing appropriate access controls, implementing continuous monitoring mechanisms, and ensuring secure configuration management practices. Our team provided expertise in effectively selecting and deploying relevant security tools and technologies to bolster their security posture. To ensure compliance with the RMF process, we facilitated thorough security testing and evaluation, including vulnerability assessments and penetration testing. By conducting these assessments, we identified and addressed potential vulnerabilities and implemented appropriate remediation measures to enhance the system's overall security. FRAMACO compiled all necessary artifacts through our guidance and support, including security assessment reports and contingency plans. We worked closely with them to document and justify deviations from standard security controls, ensuring a comprehensive and well- documented package for the authorization review. Finally, we assisted FRAMACO in preparing for the ATO review board by providing detailed briefings and facilitating the necessary discussions. Our team addressed any concerns or questions raised by the review board, ensuring a smooth and successful authorization process. As a result of our collective efforts, FRAMACO achieved a 2-year ATO, enabling them to operate their system while maintaining high security and compliance confidently. 4 Let’s KRUSH your goal! SkyWater Technologies For SkyWater Technologies, CyberKrush, LLC provided extensive support in their journey to obtain an ATO using the RMF process. Our engagement began with thoroughly assessing their system's security posture and identifying potential risks and vulnerabilities. Through collaboration with their internal security team, we facilitated the developing of a comprehensive SSP encompassing all necessary security controls. We worked closely with SkyWater Technologies to properly implement identified security controls and integrate safe practices within their system architecture. This involved assisting in establishing robust identity and access management processes, implementing security monitoring and incident response capabilities, and conducting security awareness training for their personnel. To validate the effectiveness of their security measures, we conducted rigorous security testing and evaluation, including vulnerability scanning and penetration testing. Our team provided recommendations for remediation and guided SkyWater Technologies in implementing the necessary fixes to enhance their system's security posture. Throughout the process, we supported SkyWater Technologies in the creation of required security artifacts, including security assessment reports, contingency plans, and incident response procedures. We ensured that all documentation adhered to the RMF guidelines and satisfied the expectations of the authorization review board. We conducted thorough briefings and readiness assessments as the ATO review approached to prepare SkyWater Technologies for the review board's inquiries. Our team addressed any concerns or questions raised during the review, ensuring a comprehensive understanding of the security controls implemented. Thanks to our collaborative efforts, SkyWater Technologies obtained a 2-year ATO, affirming their security measures' effectiveness and commitment to maintaining a secure environment for their systems and data. Haigh Farr Our involvement with Haigh Farr centered around guiding them through the RMF process and supporting their efforts to achieve an ATO for their critical system. We initiated the engagement by conducting an in-depth assessment of their existing security posture, identifying potential risks and vulnerabilities. Based on this assessment, we collaborated with Haigh Farr team to develop a robust SSP that addressed all required security controls and aligned with industry best practices. 5 Let’s KRUSH your goal! We provided comprehensive guidance and expertise to Haigh Farr in implementing and integrating the necessary security controls into their system architecture. This involved establishing secure network boundaries, implementing strong access controls, and deploying monitoring solutions for enhanced threat detection and incident response capabilities. To ensure the effectiveness of their security measures, we conducted thorough security testing and evaluation, including vulnerability assessments and penetration testing. Through these assessments, we identified and addressed potential vulnerabilities, enabling Haigh Farr to enhance its system's overall security. Our team worked closely with Haigh Farr to compile all necessary artifacts, including security assessment reports, contingency plans, and incident response procedures. We assisted them in documenting deviations from standard security controls, ensuring transparency and compliance with the RMF process. As the ATO review approached, we conducted extensive briefings and mock review sessions to prepare Haigh Farr for the authorization review board's scrutiny. Our team addressed any concerns or questions raised during these sessions, ensuring Haigh Farr readiness for the review. Through our collaborative efforts, Haigh Farr achieved a 3-year ATO, validating their security measures' effectiveness and commitment to maintaining a secure operating environment. Their successful accomplishment demonstrates their dedication to robust risk management practices and adherence to the RMF process. BAE Systems 1. System Categorization: Assisted BAE Systems in determining the appropriate categorization of their geospatial systems according to the RMF. This step involved assessing the potential impact on the organization and defining the necessary security controls accordingly. 2. Security Control Implementation: Collaborated closely with the team at BAE Systems to identify and implement the specific security controls required for their geospatial systems. These controls were carefully selected to address geospatial data's unique challenges and risks. 3. Continuous Monitoring: Worked hand in hand with BAE System to establish a robust continuous monitoring program for their geospatial systems. This involved developing processes and tools to detect and respond to potential security incidents in real time, ensuring prompt mitigation of any threats. 4. Documentation and Compliance: We supported [Organization's Name] in generating the necessary documentation to demonstrate compliance with the RMF requirements. This included preparing system security plans, conducting security assessments, and maintaining an accurate and up-to-date record of their geospatial systems' security posture. 6 Let’s KRUSH your goal! By overseeing the entire IT infrastructure, including the geospatial systems, we ensured a holistic approach to security. This approach allowed us to identify potential vulnerabilities and implement appropriate controls across the organization's technology landscape. This infrastructure included 100 networked desktops, four servers, and two backup devices for continuity. Through our collaborative efforts, BAE System has maintained high security for its geospatial systems while aligning with the RMF guidelines. We are confident that our ISSM support will continue to strengthen their security posture and enable them to leverage their geospatial infrastructure confidently. Draper Laboratory As the Information System Security Manager (ISSM) for Draper Laboratory, I oversaw and implemented robust security measures to safeguard the critical information systems supporting ballistic missiles. In this role, I work diligently to ensure the confidentiality, integrity, and availability of classified data while adhering to stringent government regulations and industry best practices. By conducting thorough risk assessments, developing comprehensive security policies and procedures, and implementing advanced cybersecurity technologies, I strive to create a secure environment that mitigates the potential risks and threats to our information systems. Furthermore, I collaborate closely with stakeholders, conduct regular security audits, and provide continuous training and awareness programs to foster a culture of security consciousness among our personnel. With an unwavering commitment to the highest standards of security, I am dedicated to ensuring the protection and reliability of our vital information systems that support the critical mission of ballistic missile defense. Aerojet Rocketdyne CyberKrush, LLC has a proven track record of effectively managing risks within the Secret Internet Protocol Router Network (SIPRNet) by implementing a robust Risk Management Framework (RMF). Our accomplishments in this area have been instrumental in safeguarding sensitive information and maintaining the integrity, confidentiality, and availability of the SIPRNet. Here are some key highlights of our past performance in risk management specific to the SIPRNet: 1. Thorough Risk Identification: We have demonstrated expertise in identifying risks specific to the SIPRNet environment. Our team has conducted comprehensive risk assessments, considering unauthorized access, data breaches, malware attacks, insider threats, and physical security vulnerabilities. By proactively identifying and documenting these risks, we have been able to implement appropriate controls and mitigation strategies. 7 Let’s KRUSH your goal! 2. Rigorous Risk Assessment: Our organization has performed thorough risk assessments for the SIPRNet to evaluate the potential impact, likelihood, and severity of identified risks. We have employed qualitative and quantitative analysis methods, utilizing industry best practices and standards. This has enabled us to prioritize our efforts and allocate resources effectively for risk mitigation. 3. Effective Risk Mitigation Strategies: Through our RMF process, we have implemented effective risk mitigation strategies to protect the SIPRNet. We have established robust access control mechanisms and implemented multifactor authentication, encryption protocols, and intrusion detection and prevention systems. Additionally, we have developed and enforced stringent security policies and procedures, including regular security awareness training for authorized users to mitigate the risk of insider threats. 4. Continuous Monitoring and Incident Response: We have implemented comprehensive monitoring mechanisms to detect and respond to potential risks and security incidents within the SIPRNet. This includes constant monitoring of network traffic, system logs, and security event management systems. By promptly identifying and responding to anomalies and security incidents, we have minimized the impact of potential threats and vulnerabilities. 5. Compliance and Certification: Our risk management framework for the SIPRNet aligns with the necessary security requirements and standards. We have maintained compliance with relevant regulations, including Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and National Institute of Standards and Technology (NIST) guidelines. Our organization has undergone regular audits and assessments to ensure adherence to these standards, providing confidence in the security of the SIPRNet. 6. Incident Analysis and Lessons Learned: In the event of security incidents, we have conducted thorough incident analysis and lessons learned sessions. Our team has investigated the root causes of incidents, identified areas for improvement, and updated security controls and procedures accordingly. This iterative approach has allowed us to continuously enhance the security posture of the SIPRNet and mitigate future risks effectively. Overall, CyberKrush, LLC past performance in risk management for the SIPRNet demonstrates our organization's commitment to safeguarding sensitive information and ensuring the integrity of this critical network. Through the implementation of a robust Risk Management Framework, we have consistently identified, assessed, and mitigated risks specific to the SIPRNet, contributing to its secure operation and trusted communication capabilities. Closing Partnering with CyberKrush, LLC will give you peace of mind, knowing that your system's security is in capable hands. 8 Let’s KRUSH your goal! Furthermore, the owner of CyberKrush, LLC is an esteemed Cybersecurity adjunct for Abilene Christian University. With this unique affiliation, our team deeply understands the specific challenges and requirements within the academic sector. We bring a wealth of knowledge and insights from working closely with Abilene Christian University, enabling us to tailor our Annual Assessments to meet the specific needs and regulatory frameworks commonly encountered in educational institutions. This valuable association further reinforces our commitment to excellence and alignment with industry standards. By engaging with CyberKrush, LLC, you can leverage our comprehensive expertise and benefit from our unique insights into the cybersecurity landscape of educational institutions. We look forward to the opportunity to collaborate with you and contribute to the success of your cybersecurity efforts. Cheers, BarryK