With the rise of new and unprecedented malware, it is more important than ever that government systems adopt the most advanced cybersecurity capabilities to prevent and defend against cyberattacks. The 2017 WannaCry ransomware outbreak alone affected over 350,000 computers across 150 countries, causing billions of dollars’ worth of catastrophic damage.

As the information technology and cybersecurity command center of the US Army, ARCYBER foresaw the need to transition from the legacy Host Based Security System (HBSS) to a modern, cloud-native cybersecurity solution. The scope and criticality of such a transition cannot be overstated—ARCYBER is responsible for all US Army global endpoints, including the tactical systems that keep our soldiers safe and enable the Army’s mission.

Cybersecurity as a managed service

ARCYBER selected ECS to manage this transition to the next-generation Advanced Cyber Threat Defense (ACTD) platform, replacing the outmoded tools of HBSS with a powerful suite of McAfee products, providing enterprise-wide zero-day threat defense, real-time visibility of assets, and advanced endpoint-security automation.

By seeking a platform-as-a-service (PaaS) solution, ARCYBER seized the opportunity to consolidate what had become an unwieldy, divergent system—HBSS was operated by military, contractor, and civilian personnel under at least seven contracts with nonstandard security and operating procedures—into a unified system managed by one service provider, ECS. ACTD reduces overall cost while ensuring that the entire system operates toward clearly defined contractual service level agreements (SLAs). With this PaaS, ECS provides advanced cybersecurity tools, threat data, analytics, and training to all authorized Army users, including the Army Defense Cyber Operations Integration Center, Regional Security Centers, and leaders at each echelon. Relieved of routine system operations and maintenance (O&M), the Army was able to upskill its workforce from system administrators to cyber warriors.

But how to orchestrate a transition of such magnitude and strategic importance?

ECS approached the challenge with a two-phase plan. In Phase 1, “Like for Like,” ECS deployed the contractor-owned, contractor-operated (COCO) enterprise managed service, standing up the new ACTD platform and assuming responsibility for Tier 2 and Tier 3 support. Simultaneously, ECS established baseline HBSS capabilities and transitioned ownership and operation of the legacy system to the OEM partners on the team. This strategy allowed for a low-risk transition within six months of contract kickoff.

Forward-looking protection, detection, and reporting

In Phase 2, “Expanded Capabilities,” ECS continues to implement next-generation tools while still making use of the mature, proven DISA-approved products already in place. These tools, which meet and exceed US Cyber Command’s security and asset management requirements, serve not only to identify and respond to cyberattacks, but also to prevent and protect against such threats through automated data collection and reporting, as well as interoperation between products and endpoints.

ACTD is a forward-looking solution, designed for continuous innovation and improvement through system upgrades, automation, orchestration, and application enhancement. Its open, extensible architecture allows for integration with other Army tools, such as the GABRIEL NIMBUS big data platform, as well as vital information sharing with partner networks. The Army Endpoint Security System (AESS) solution is cloud native, standardized, and extensible, and can readily be adapted to other networks including the Defense Research and Engineering Network (DREN), Joint Worldwide Intelligence Communications System (JWICS), and Combined Enterprise Regional Information Exchange System (CENTRIXS). These capabilities provide for a system that not only meets the cybersecurity demands of today, but also anticipates and rises to meet the challenges of the future.
