Department of Education
Overview
The Department of Education (DOE) is the largest school district in the United States, and its Cybersecurity team is responsible for securing the data of current and former students, parents, employees and users. Because the DOE holds data for 1.1 million students and 150,000 employees and uses around 600 applications, there is a high risk of cyber attacks. Adding to the danger, there was limited cyber awareness and a compromisable legacy infrastructure that did not have any security implementations. SVAM took up the challenge of bringing end-to-end security and worked with the DOE's Chief Information Security Officer (CISO) office to perform a comprehensive cybersecurity review. The review provided both short- and long-term recommendations, highlighted in a roadmap. SVAM then worked to resolve the problem.
Challenges
- A few critical applications among the 600 were still using legacy infrastructure
- Limited governance program and enforcement of cybersecurity requirements; lack of a security awareness and training program
- Applications were implemented with the help of third-party vendors without established processes, resulting in supply chain risk
- Absence of an established Security Operations Center (SOC); shortages of IT staff, including cybersecurity resources
- Lack of a formal enterprise-wide Incident Response (IR) Plan
The SVAM Difference
SVAM deployed multiple robots to:
- Establish a Third-Party Risk Management (TPRM) program, thereby establishing third-party annual due diligence, an issue tracking process, and corrective action
- Operationalize governance policies to ensure timely adoption of the enhanced processes and implement the proposed organizational structure using a phased approach
- Develop a SOC strategy and framework in alignment with citywide policies set forth by City Cyber Command; build the SOC in a phased approach in alignment with the proposed organizational transformation
- Implement processes related to the newly developed IR Plan and track its adoption; execute table-top exercises for critical scenarios
- Establish a formal enterprise-wide IR Plan to identify, analyze, contain, eradicate and recover from incidents, along with testing activities
Efficiency Unlocked
- Developed a comprehensive Information Security Risk Management program
- Utilized all 108 NIST CSF sub-categories to enhance cybersecurity
- Conducted a Cybersecurity Risk Assessment and provided a remediation strategy
- Transformed the CISO's organizational structure
- Established a Security Operations Center (SOC) for threat detection
- Strengthened third-party risk management by integrating functions
- Created processes for vendor due diligence and risk monitoring
- Implemented procedures related to a newly developed Incident Response (IR) plan
- Ensured the DOE had a robust Crisis and Incident Management system.