The Situation – improve security posture beyond minimum NIST & CMMI requirements

Altarum, a non-profit health systems research and consulting organization, needed to conduct an annual security risk assessment. As part of their client-centered business model, their policy requires an external vendor to evaluate their corporate network, related infrastructure systems, established policies and documentation – all to ensure compliance to the highest degree.

Evaluation criteria consisted of reviewing standards, guidelines and existing best practices for managing cybersecurity related risks. Altarum’s security team needed to ensure an assessment engagement was seamless, cost-effective and that the overall outcome would improve their security posture beyond minimum requirements of National Institute of Standards and Technology (NIST) and the Capability Maturity Model Integration (CMMI). After evaluating several proposals, Altarum chose Optiv Security to provide the best overall solution and expertise to conduct the assessment and address any gaps.

The Solution – best practices & automated controls

Actively joining our airline client’s agile process, we worked in two-week sprints to evolve their cloud security program and overall cloud journey. Working closely with the client, we consolidated their logging architecture to ingest AWS logs into QRadar. For identity access management (IAM), we kept the collaboration going to implement permissions boundaries and review secure copy protocol (SCP) and IAM policies for least privilege.

Next came providing best practices for perimeter security, specifically how to best handle ingress and egress into and from the AWS environment. After reviewing their control framework for completeness and deduplication, we proposed automated controls and remediation and mapped the client’s controls back to CIS and NIST frameworks.