For over 25 years, Gnostech has provided the warfighter with a full spectrum of services and solutions to tackle threats in cyberspace. We’ve designed secure system baselines and software for the Naval Mission Planning (NavMPS) community, which allow the warfighters to perform their duties in a demanding operational environment; they can have confidence that their systems are secure and the data they share across the network is not compromised. Additionally, Gnostech transitioned and secured numerous Air Force and Space Force operational and strategic weapon systems ensuring to support the Nation’s ability to deter strategic threats.
Gnostech observed these early phases of cyber implementation during the late 1990s and early 2000s as our engineers collaborated on the initial security classification guide for the Joint Mission Planning System (JMPS). DoD mandates started to appear for security settings, or Security Technical Implementation Guide (STIGS) and the critical need to scan for open vulnerabilities, locking down systems and formal compliance reporting. In response, Gnostech’s team performed vulnerability scanning and reporting for Windows and Linux systems across the country on behalf of the USCG and Naval Information Warfare Systems Command (NAVWAR), and NAVAIR. In addition, Gnostech worked with NAVWAR early in the acquisition process to write Information Assurance (IA)/cyber requirements for new command and control systems to ensure Original Equipment Manufacturers (OEMs) were incorporating IA/Cyber from the beginning of the acquisition and design and development process. We sat with OEMs on behalf of the government to ensure cyber was properly integrated with the system as it was designed. Then, when patching and reporting mandates were implemented, Gnostech proposed a monthly Information Assurance Vulnerability (IAV) patch package for the JMPS program. To date, Gnostech has built and deployed over 400 IAV Patch Packages and software patches and system updates are now delivered via the Gnostech-developed Automated Update Distribution Tool (AUDT). Gnostech has seen the transition from DoD Information Technology Security Certification and Accreditation Process (DISCAP) to DoD Information Assurance Certification and Accreditation Process (DIACAP) to Risk Management Framework (RMF); helping dozens of mission critical systems, including surface, aviation, and ground systems, achieve Authorizations to Operate (ATOs).
The cybersecurity engineering expertise we’ve garnered over the decades allowed us to provide unmatched expertise and a more holistic approach developing and implementing cyber operations solutions and Information Assurance (IA) support. Gnostech led the development of the Vulnerability Remediation Asset Manager (VRAM), developed IAVAssure for NIWC Pacific, and numerous other tools to assess and remediate Navy and Coast Guard operational and shipboard systems. Similarly, Gnostech implemented the base architecture, developed policies, procedures, and tactics as part of the Coast Guard’s Cyber Command stand-up. In this role, we engineered, provided incident response support, and performed post incident response and forensic analysis of cyberattacks against the Department of Homeland Security (DHS)’s network and infrastructure.
Today, cybersecurity continues to be embedded in our DNA. All technical staff are required to obtain prescribed training and conduct continuous education for industry standard cybersecurity certifications. This is true for individuals for our Development Security Operations (DevSecOps) and software engineers, our Command, Control, Communications, Computers, Cyber-Defense, Combat Systems, Intelligence, Surveillance and Reconnaissance (C6ISR) system engineers and integrators, our hardware engineers, and for anyone who directly provides solutions to the warfighter. Additionally, we continue to develop products that provide secure information and data sharing across operational and security domains, systems and software that automate security functions in a cloud native environment, and we conduct testing on software and hardware to ensure operational systems are not compromised. The cybersecurity landscape is ever evolving, and Gnostech will continue to reduce cyber risk and find solutions that benefit all stakeholders. Click here to learn more about Gnostech’s cyber capabilities.