Information Assurance and Cyber-Security
Our Information System Security & Cyber Solutions personnel have extensive Information Assurance and Computer Network Defense (IA/CND) experience supporting the Missile Defense Agency and the Ballistic Missile Defense System (BMDS).
For more than a decade, our certified information systems security professionals have provided the agency with the technical expertise required to implement and maintain a successful Information Assurance Program. Our IA/CND support to the Ground-based Midcourse Defense (GMD) Joint Program Office (JPO) Certification and Accreditation (C&A) efforts have set the standard in preparing and delivering “Quality” accreditation packages and IA risk-related assessment documentation. Paragon understands the ever-changing IA CND landscape. As threats to the safeguarding of our nations most sensitive defense information continue to become more sophisticated we continue to research, develop, demonstrate, & deliver optimal security solutions to defend and protect against these threats. Although, we are a relatively new company, Paragon has recruited the staff with the combined; understanding, experience and relationships necessary to accomplish the IA program goals of the Chief Information Officer and BMDS Information Assurance Manager.
In addition to understanding the Agency’s; complex weapon systems, telecommunications, IT infrastructures and network architectures, we know the requirements and processes to implement an Agency-wide approach to IT governance, while ensuring standardized approach to meeting security compliance with applicable; Federal, National, Industrial, DoD Security Requirements, Policies, and Regulations regardless of system lifecycle. (FISMA, NIST, NISPOM, DIACAP)
At Paragon, we are intimately familiar with the evolution of the Missile Defense Agency’s IA Management Plan (Strategic Vision) and the testing and validation of associated IA controls. Our staff has conducted Controls Validation Testing (CVT) and performed IA risk assessments of every major component within the BMDS. Our staff has been instrumental in the research and development of the Information Assurance Risk Assessment (IARA) which has been adopted and implemented by the OSD and DoD, and is referenced in CJCSI 6510.02d. Additionally, we understand the MDA processes to successfully conduct associated security reviews and audits which include; Interface Boundary Testing, Penetration Testing, Lab Testing, and Required Annual Security Reviews.
Our CVT assessments include but are not limited to; Automated Tool Testing, Interviews, Observations, Manual Reviews and Documentation Reviews as prescribed Independent Verification and Validation (IV&V) for Information Systems (IS) following approved National Security Agency INFOSEC Assessment & Evaluation Methodologies (NSA IAM & IEM). Our “Quick-look” and “Comprehensive” reporting is conducted in accordance with the DoD 8510.01e and we validate systems for compliance to DoDI 8500.2 IA Controls and are presently postured to align with the NIST 800-53 to ensure a smooth transition when and if required. Historically, our staff has supported the agency in key transitions from certification and accreditation processes that evolved from “Orange Book” to “Common Criteria” to “DITSCAP” and more recently the transition to DIACAP and SCAP.