CounterMeasures™ Risk Analysis Software
-
Upload
chase-carson -
Category
Documents
-
view
116 -
download
0
description
Transcript of CounterMeasures™ Risk Analysis Software
![Page 1: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/1.jpg)
CounterMeasures™ Risk Analysis Software
www.countermeasures.com
www.alionscience.com
![Page 2: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/2.jpg)
© Alion Science and Technology
Slide 2
• Alion is an employee-owned technology solutions company headquartered in Northern Virginia
• Five years old with 70 plus years heritage as a Illinois Institute of Technology Research Institute (IITRI) focused on support to DoD
• Alion’s revenue is $850M/year with 3800 employee owners
• Core Business Areas:• Defense Operations• Modeling & Simulation• Wireless Communication• Industrial Technology• Chemical, Biological, Nuclear & Environmental Sciences• Information Technology• Naval Architecture & Marine Engineering
Company Biography
![Page 3: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/3.jpg)
© Alion Science and Technology
Slide 3
Decision Support Focus and Tools
• General focus – Planning, Resource management, System Stress and Risk
• Shrink wrapped to Contractor deployed and operated
• Tool Set includes:• CounterMeasures – Risk assessment and management• VI2SA (Visual Interactive Investment Strategy Analysis) -
Portfolio, investment analysis, supply chain and operational risk
• MOBSIM/Simviewer _ Transportation planning• PRAS (Predictive Readiness Assessment System)- System
stress management• Vector Suite – Crisis planning and exercise suite• CPR (Crisis Planning and response) – response management
and planning system,
• Customization of system(s) to customer environment
![Page 4: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/4.jpg)
© Alion Science and Technology
Slide 4
CounterMeasures Pedigree
• Origin was 1985 Navy risk methodology• Initial focus was shrink wrapped product for IT
assessments• Alion/IITRI partnership dates from 1997, acquired in
2002• Antiterrorism effort initiated with TSA requested
assessment of 11 largest airports immediately after 9/11
• Domain applications include: Federal (DoD, DOE, DOS), State (NJ, WI), Local (Washington DC), schools, ports, banks, oil and chemical industry
• DHS connections - CEDAP grant program, automation of DHS’s RAMCAP methodology
• Scope of deployments - $4K to multimillion dollar enterprise deployment with oracle based desk top management at all levels (US Army)
![Page 5: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/5.jpg)
© Alion Science and Technology
Slide 5
CounterMeasures™ Overview
![Page 6: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/6.jpg)
© Alion Science and Technology
Slide 6
CounterMeasures™ Overview
1. System Characterization
2. Threat Identification
3. Vulnerability Identification
4. Control Analysis
5. Likelihood Determination
Role-based, context sensitive automated
survey Automated Analysis Module
7. Risk Determination
8. Control Recommendation
9. Results Documentation
6. Impact Analysis
![Page 7: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/7.jpg)
© Alion Science and Technology
Slide 7
Case Study #1: New Jersey Treasury/State Police
Web Based Training
Custom Security Risk Assessment
Software
Custom Reporting
![Page 8: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/8.jpg)
© Alion Science and Technology
Slide 8
Case Study #2 OUSD(I) CI&S
100% Web Deployment
Fuse DIA Threat Data
![Page 9: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/9.jpg)
© Alion Science and Technology
Slide 9
Case Study #3 U.S. Army OPMG
Custom Methodology
Data Warehouse and Visualization
Automatically Generate DA Form 2806-1-E
![Page 10: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/10.jpg)
© Alion Science and Technology
Slide 10
Case Study #3 U.S. Army OPMG
Filter and search results
Updated Graph
Underlying Data
![Page 11: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/11.jpg)
© Alion Science and Technology
Slide 11
Case Study #3 U.S. Army OPMG
Multiple Graph Formats
Accompanying Legend
![Page 12: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/12.jpg)
© Alion Science and Technology
Slide 12
Case Study #3 U.S. Army OPMG
Totals reflect results per filter
criteria
Detailed Remediation Cost
Information
![Page 13: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/13.jpg)
© Alion Science and Technology
Slide 13
Case Study #3 U.S. Army OPMG
Interactive Geospatial Page
“Drill down” by clicking on
installation icon
![Page 14: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/14.jpg)
© Alion Science and Technology
Slide 14
Case Study #4 TSA Air Cargo
Support recommendations for updates to regulations and
legislation
Data Warehousing/Trend Analysis
Conduct/facilitate logistics chain assessments
![Page 15: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/15.jpg)
© Alion Science and Technology
Slide 15
Case Study #5 FDIC
IT Security/GovernanceAutomate existing organizational
report
![Page 16: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/16.jpg)
© Alion Science and Technology
Slide 16
System Characterization
• Respondent – Who’s taking the survey?
• System environment – what are the characteristics of the system?
• What type of function does the system serve?
• Selections are tailored to the customer’s needs
• Respondent – Who’s taking the survey?
• System environment – what are the characteristics of the system?
• What type of function does the system serve?
• Selections are tailored to the customer’s needs
![Page 17: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/17.jpg)
© Alion Science and Technology
Slide 17
Vulnerability Identification
• Survey respondent selects which assets the organization wishes to measure risk to and how valuable those assets are
• Survey respondent selects which assets the organization wishes to measure risk to and how valuable those assets are
• Vulnerabilities are associated with assets – they are inherent properties of assets
• Vulnerabilities are associated with assets – they are inherent properties of assets
![Page 18: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/18.jpg)
© Alion Science and Technology
Slide 18
Threat Identification and Likelihood Determination
To what extent will a threat exploit a vulnerability?
How frequently does a threat manifest itself?
![Page 19: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/19.jpg)
© Alion Science and Technology
Slide 19
Control Analysis
What countermeasures are in-place? How well has the organization implemented the countermeasures?
![Page 20: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/20.jpg)
© Alion Science and Technology
Slide 20
Impact Analysis
What’s the organization’s posture?
![Page 21: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/21.jpg)
© Alion Science and Technology
Slide 21
Control Recommendation
How can we improve the organization’s posture?
![Page 22: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/22.jpg)
© Alion Science and Technology
Slide 22
Risk Determination
How much risk is my organization experiencing?
![Page 23: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/23.jpg)
© Alion Science and Technology
Slide 23
Risk Determination
How can I measure my organization’s compliance?
![Page 24: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/24.jpg)
© Alion Science and Technology
Slide 24
Risk Management
How do I manage the implementation of my recommendations?
![Page 25: CounterMeasures™ Risk Analysis Software](https://reader033.fdocuments.net/reader033/viewer/2022061612/568134a6550346895d9baf05/html5/thumbnails/25.jpg)
© Alion Science and Technology
Slide 25
Conclusion/Questions
Caleb Jones
Alion Science and Technology
703.998.1630
www.CounterMeasures.com