Cyber Capabilities Overview

True to our corporate vision, Electronic Warfare Associates, Inc. (EWA) has enabled a more secure future in data and network security services for more than a decade – well before “cyber” was a standard industry term. We offer a full spectrum of vendor-neutral cyber security services and products that actively benefit our clients, which include Fortune 500 financial and telecommunication companies, and municipal, state, and federal government agencies such as the Department of State, Department of Defense, Department of Homeland Security, the National Security Agency and the U.S. Army, among others.

IIT approaches cyber security as an integral component of business operations, focusing on people (culture, training), processes (policy, procedures, best practices), and technology (latest tools and cutting-edge research & development) to help our clients maintain efficient operations and ensure the confidentiality, integrity and availability of their networks and data.

IIT’s support team at the Department of State, Cyber Threat Analysis Division was awarded the “2011 National Cyber Security Innovation Award” by the White House National Cyber Security Coordinator.

We meet our clients’ needs with a comprehensive range of services including: initial needs assessments, policy development, network and product testing, monitoring, and training/education that provide tailored solutions. Although 100% network security cannot be achieved, we have taken great strides to reduce the chances of such instances by leveraging our extensive knowledge of current threats to tailor solutions to specific customer requirements. We apply robust emerging technology solutions in flexible architectures to ensure ongoing security assurance. This effort includes the development of new technology solutions to specifically counter emerging Advanced Persistent Threats (APT) and to dynamically address newly identified threats in near real time. Our corporate credentials include (representative sample, not a complete list):

• Accredited by the National Institute of Standards and Technology (NIST) under the National Voluntary Laboratory Accreditation Program of the U.S. Department of Commerce to operate as a Cryptographic and Security Testing Laboratory
• NIST’s Personal Identity Verification Program (NPIVP)
• Security Content Automation Protocol (SCAP)
• Common Criteria Test Lab (CCTL) to conduct formal Evaluations of IT Security technologies to the ISO 15408 Common Criteria Standard
• Accredited by Interac Association under the Third Party Device Certification Program to operate as a Device Certification Agent (DCA)
• Accredited by the Payment Card Industry (PCI) to provide payment terminal testing services recognized by Visa, MasterCard and JCB
• Experience supporting major banking/financial institutions, including a large US private equity firm
• Significant network, system and media forensics capabilities and experience

Individual certifications include (representative sample, not a complete list):

• Certified Ethical Hacker (CEH)
• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)
• Offensive Wireless Certified Professional (OSWP)
• GIAC Certified Penetration Tester (GPEN)
• GIAC Reverse Engineering Malware (GREM)
• GIAC Certified Intrusion Analyst (GCIA)
• Microsoft Certified Systems Engineer

In addition, nearly all of our cyber security professionals and technicians maintain government security clearances at the Secret and higher levels. Our customers can be assured that our personnel have been vetted and can be trusted with their sensitive and proprietary information. We operate with US Government Top Secret and above cleared facilities and communications.

24/7 Threat Warning, Incident Reporting, and Analysis. EWA operates the Canadian National Computer Emergency Response Team (CanCERT) and both the North American Surface Transportation and Public Transit Information Sharing and Analysis Centers (ST and PT ISACs). In conjunction with our efforts at the US Departments of State and Defense we provide unparalleled, current subject matter threat expertise in the areas of deep cyber threat analysis, network monitoring, incident response, cyber forensics, and security engineering.

Initial Needs Assessments. IIT immediately strives to understand our clients’ goals and objectives when providing an initial assessment of their network and data security posture. We review policies and procedures, perform network analysis, and use certified personnel and procedures to perform vulnerability assessments via penetration testing. For example, we executed a full spectrum vulnerability and force protection assessment of National Guard Joint Headquarters in all 54 US States and Territories, and provided a customized listing of implementation actions and recommendations for each. We work with our clients to design, develop, and establish their network from the inception stage for the most secure and both operationally and cost-effective solution. After the initial needs assessment, EWA continues to pursue our clients’ goals and objectives in order to develop a path to satisfy their cyber security needs.

Policy and Process Development. We support policy and process development at both the strategic and operational levels within an organization. For example, EWA supported the US Agency for International Development (USAID) by assessing their financial audit functions. Specifically, we addressed policy, practices, and physical security components, as well as technology security issues at USAID headquarters and at over 100 foreign mission outposts around the world. We work with agencies across the U.S. Government, including the Department of Defense, FBI, DHS, NSA, and the Department of State, as well as Critical Infrastructure stakeholders across the private sector to develop realistic policies and procedures, based on laws, regulatory guidance and accepted national and international security best practices.

Network and Product Testing. IIT is “vendor neutral” and recommends the best of breed solutions to satisfy our customers’ needs. We provide a wide range of testing and assurance capabilities, ranging from device tests that are common in the Payment Card Industry (Common Criteria Testing, Federal Information Processing Standards (FIPS) for cryptographic terminals/devices) to Department of Defense Security Technical Implementation Guide (STIG) compliance and verification.

We established and operate several independent “High Assurance Laboratories.” In these highly secure labs we conduct detailed security evaluations of software, firmware and hardware, including both static and dynamic source code assessments and full spectrum system level testing. We target our tests against known/unknown vulnerabilities, malware, coding defects and security resiliency. We are currently conducting this in-depth testing, applying methods vetted by U.S. Government intelligence and security agencies, for a variety of customers including several major U.S. and foreign telecommunications infrastructure systems providers, but the process is applicable to all technology products.

In concert with this testing, we are involved in assured logistics, in which we can help verify that products (hardware, software, and firmware) produced by the supplier are securely delivered to the end user, ensuring that there has been no interdiction (counterfeit products, malware) of the supply chain. Operational efficiencies are greatly increased through this process ensuring the best products are delivered “up front” to the client.

In all cases, both product and network testing are specifically designed to protect the security and assurance concerns of all stakeholder interests. IIT acts as a Trusted Third Party, in which the comprehensive evaluation, analysis and testing activities are conducted on behalf of the developer’s key customers and stakeholders, and the developer’s intellectual property is protected at all times.

Network Monitoring. IIT has extensive network monitoring capabilities, which are tied to real-time analysis and mitigation (problem resolution) capabilities. We are a certified Computer Network Defense Service Provider (CNDSP), in which we monitor and defend customers within the US and overseas. We provide Protect, Monitor, Detect, Analysis, and Response Services around the clock (24 x 7) for our customers. Linked to the CNDSP is a Network Attack Characterization Modeling and Simulation Test bed (NACMAST™) that supports replication of attack scenarios, testing of solutions, and development of protection tools. This test bed can also be used to develop a targeted test network (with known flaws/faults) to provide a training and learning environment for client security personnel. We provide a similar test network for the financial payment card industry, in which payment card company personnel must identify data and/or transaction irregularities to gain/maintain certification.

Within NACMAST, we have a data warehouse that can store up to 1300 Terabytes of network traffic from sensors for periods of up to 6 months. This allows our cyber professionals to take “deep dives” into the data, to reconstruct the timeline of the attack, determine attack vectors and trace the origin of sophisticated penetration attempts. We use this information to develop new signatures and tools to detect as-yet-unknown vulnerabilities. We also store data for evidentiary purposes, as necessary, to complement our computer forensics capabilities. We have trained and certified forensics technicians (i.e., expert witness testimony) who can extract data/evidence from computers and mobile devices, adhering to the strict rules of evidentiary chain of custody. We have supported sensitive computer forensics examinations for financial institutions, including major international private equity firms.

Training and Education. IIT provides customized training solutions. Since we “live” in the business world on a daily basis, our instruction is based on both current ideas/technologies and real-world applied experiences, rather than just a theoretical understanding. We developed and executed a comprehensive Information Operations Training Program comprising all aspects of information technology and security, including a Computer Emergency Response training and certification program for the National Guard, as well as comprehensive security and continuity of operations training programs for such diverse entities as the Chicago Metra (largest railroad terminal in the world) and General Dynamics. We develop customized training programs that efficiently meet the needs of our clients. We also develop and execute exercises, training and evaluation solutions for the U.S. Army’s Test and Evaluation Command Information Assurance Task Force.

Summary. EWA has a three-decade history of providing the complete range of cyber security protection solutions. We are resolute in keeping current with new threats, and in developing defeat mechanisms to share across our networks. We remain attuned and vigilant in maintaining and developing cyber security solutions that continue to protect our investments in information systems, and maintain confidentiality, integrity and availability of our and our clients’ networks and data.
