Cyber Resilience for
Complex Ecosystems

Building an Interagency Cybersecurity Dashboard, Securing Government IT Infrastructure

ShorePoint’s contributions across the entire architecture of the DHS CDM Program puts it at the forefront of a national initiative to defend federal government systems and agencies against evolving cyber threats.

Background and Challenge

ShorePoint is building a vital capability for the federal government that will inform critical decisions and drive operational efficiency through effective data analysis, reliability, consolidation, and risk-based prioritization.

The Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program is evolving to give agencies enhanced cybersecurity capabilities and a dashboard designed to maximize the value of their cybersecurity data. CDM delivers value to agencies primarily through two distinct avenues: The CDM Dashboard Ecosystem and the CDM Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) Task Orders.

The Dashboard Ecosystem, the result of a contract awarded in 2019, provides agency leaders greater awareness of cybersecurity vulnerabilities along with objective guidance on what should be prioritized for remediation. The dashboard brings enhanced performance, visualization, scalability and data analytics to all Federal Civilian Executive Branch (FCEB) agencies. This will allow DHS to observe assets and assess threats FCEB-wide and implement a scoring system to objectively measure risk and vulnerability.  The DEFEND Task Orders are delivering tailored cybersecurity solutions and capabilities to FCEB agencies while helping them to prioritize and remediate vulnerabilities and risks.

ShorePoint is delivering strategic and technical expertise on both the DEFEND and Dashboard Ecosystem Programs, working closely with the lead integrators on each contract. This enables ShorePoint to provide unique insights across stakeholder groups while teaming with some of the industry’s largest companies to innovate and deliver client value in a highly collaborative, multi-vendor environment.

The CDM architecture consists of four layers, which inform cybersecurity insights, aggregate and normalize data, provide detailed dashboards for agencies that prioritize vulnerabilities and threats for remediation; and provide insights into the health of federal networks.

Among the challenges associated with this first-ever enterprise cybersecurity program for the FCEB are a variety of legacy systems across agencies, the need to normalize and ensure data quality, and the need to integrate systems, solutions, and capabilities among multiple vendors and government organizations in a complex technology ecosystem.

Solution and Benefits

The DHS CDM Dashboard Ecosystem is built on an innovative, scalable search and analytics platform – Elasticsearch – that provides the foundational capability to enable greater visibility into federal networks and standardize threat monitoring. Elasticsearch is a pervasive open-source based data aggregation, analytics and modeling platform used by commercial and public sector environments to improve risk-based decisions and priorities. The Dashboard Ecosystem is comprised of instances of Elastic deployed in both on-premises and cloud-based delivery models.

ShorePoint supports the development, testing, deployment, integration, and delivery of CDM Dashboard capabilities for several FCEB agencies and the enterprise Federal Dashboard. ShorePoint further supports the development and implementation of an innovative delivery model for Dashboard Ecosystem capabilities through the Dashboard as a Service (DBaaS).

This “as a service” offering is hosted on Elastic Cloud Enterprise (ECE) and includes ease-of-use features for upgrades and manageability – allowing agencies to have a dedicated cluster provided and administered by the DHS Dashboard Integrator – negating the need for large system requirements, personnel and budgets often required in a non-SAAS configuration. This model also enables rapid development and delivery of additional capabilities and features from within the Dashboard Ecosystem.

Moving Forward

ShorePoint will continue working to combine disparate agency security and operational data sources and platforms into consolidated, actionable, and intelligent dashboards offering advanced analytics and modeling to drive risk-based decisions for the federal government.

With critical project milestones successfully achieved in 2020 and 2021, ShorePoint will continue to help the program evolve through future releases in 2022. The excellence in architecture, design, and development of the CDM Dashboard Ecosystem and the underlying Elasticsearch platform have laid the groundwork for increased functional and operational security benefits for stakeholders. ShorePoint will continue to work with CDM Program leadership and the integrators for DEFEND and the Dashboard Ecosystem to drive enhancements to cyber resiliency across the FCEB agency enterprise.

Transforming, Future-Proofing Cybersecurity for a Federal Agency

Background and Challenge

In October 2020, ShorePoint was engaged by a large federal agency to design and implement enhancements to an enterprise vulnerability management program. ShorePoint teams were tasked with re-engineering and optimizing vulnerability scanning across network, application and database assets across thousands of endpoints in a complex IT environment.

The agency’s challenge was to deploy effective and comprehensive vulnerability scanning in a continuous manner, while adhering to federal best practices. The platform was also required to integrate with a massive cyber data lake to aggregate relevant security information into a centralized reporting capability – enabling dashboard tailoring based on various stakeholder needs. The goal: To help the agency achieve data dominance by providing actionable data to agency leaders and ensure seamless integration with a larger, government-wide cybersecurity initiative.

Solution and Benefits

ShorePoint engaged in a collaborative partnership with agency stakeholders and other cyber and IT providers in a multi-vendor environment. While modernizing monitoring capabilities with the latest tools and capabilities for the client and its end-users, ShorePoint is also providing near real-time visibility across the enterprise to inform mitigation actions and/or identify gaps in capabilities.

As part of the process, ShorePoint experts are continuously learning and building relationships across teams, ensuring that ShorePoint’s work is effectively supporting the customer’s overall mission. Utilizing Agile delivery methodologies, ShorePoint and its project partners are developing/integrating vital system components in parallel while progressing through the phases of system expansion, optimization and ultimately – transformation.

To future-proof agency capabilities, ShorePoint also conducts ongoing analysis of alternatives that may provide the best solutions for the future, exploring mature technologies and established companies as well as emerging, leading-edge solutions.

Moving Forward

Nearly one year into a four-year contract, ShorePoint continues to expand and optimize the organization’s vulnerability management capabilities, identifying gaps in the environment and ensuring proper coverage and reporting. In upcoming project phases, ShorePoint will deploy additional solutions that will further transform and modernize the agency’s scanning environment.