Recently, the Department of Homeland Security (DHS) Cybersecurity Service Provider (CSP) program provided a cybersecurity assessment of the Department of Justice (DOJ) Security Operations Center (SOC). The assessment was conducted by a team of DHS personnel from Immigration and Customs Enforcement and the Transportation Security Administration.
The DOJ Justice SOC (JSOC) passed the assessment with flying colors, meeting all required standards and exceeding them in 35 of the 40 cybersecurity evaluation areas. The assessment areas consisted of vulnerability management, malware protection, continuous monitoring, threat intelligence analytics, detection, and response to threats. By passing the assessment, the JSOC has become a certified CSP Center of Excellence.
Highlighting the collaboration between DHS and DOJ, DHS Chief Information Security Officer Kenneth Bible explained, “the success of the DHS CSP program, and the partnership between DHS and DOJ, has shown that despite very different missions and compositions, DHS and other federal agencies can collaborate from a mature and common framework to effectively enhance our national cybersecurity posture.”
The DHS CSP program, established in response to Executive Order 13800, requires that all DHS SOCs either pass a formal assessment for certification or use the services of a certified provider. Certified Centers leverage standard functions, terminology, and data formats to coordinate cybersecurity incident response.
The DHS CSP program has been a resounding success as the DHS component SOCs assessments were completed, resulting in a subscriber provider model that ensures all DHS endpoints get efficient, and more importantly, uniform protections against cyber adversaries.
The DOJ SOC assessment was the Department’s first assessment performed for a non-DHS agency. DHS Deputy Chief Information Officer Beth Cappello explained, “this successful assessment is a major milestone in the maturation of the DHS CSP program, from its incubation at Immigration & Customs Enforcement to assessing all DHS SOCs – to now a step closer to becoming a federal-wide program.” She continued, “In the future, the CSP program hopes to provide assessments for other federal agencies.”