The Department of Homeland Security (DHS) selected Telos Corporation under a multi-year, firm fixed price contract to help it with its information security compliance and deployments to meet new infosec regulations.
Telos provides technical services for automating DHS’s security authorizations, complying with complex information security requirements and continuously monitoring its security posture.
Telos is providing DHS support for its Xacta software applications DHS uses to enforce information security policies, track the effectiveness of security programs and monitor compliance across its enterprise.
In 2012, DHS purchased and implemented Telos’ Xacta Assessment Engine and the continuous monitoring tool Xacta Continuum. Xacta is an enterprise risk management suite of applications that fully automates security authorizations and ensures compliance with rigorous security standards such as the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). It also helps DHS to implement FedRAMP workflow and to comply with federal cloud security requirements. Xacta has been deployed enterprise-wide systems throughout DHS.
Under its new contract, Telos will continue providing operations and maintenance of Xacta Assessment Engine and Xacta Continuum to provide the agency with the ability to manage and support all DHS and Federal Information Security Management Act (FISMA) requirements. Telos will also provide on-site help desk and expertise to assist with process engineering, deployments to meet new regulations, and template development.
“Because of its unique role in the US government, DHS’s information systems must comply with a broad range of security mandates including FedRAMP andNIST RMF, as well as its own policies for security compliance,” said Telos Vice President, IA Services, Ben Taylor. “We look forward to continuing our support of the departmentand helping it manage, monitor and track authorizations to operate, plans of action and milestones, control assessments and ongoing authorizations.”
Telos was the first to operationalize the NIST Risk Management Framework via software. Xacta enables its users to establish a centralized IT risk management platform for enterprise security intelligence; collect extensive IT asset inventory data; detect, identify and remediate threats to system security; and generate the reports and documentation needed for regulatory compliance.
Telos said its “Xacta Assessment Engine contains a vast knowledge base of more than 5,000 individual security requirements and associated test procedures, organized and cross-referenced into more than 100 security policies, regulations and standards. Xacta Continuum provides a holistic view of an organization’s asset compliance posture and actionable reporting metrics for prioritized decision making.”