Leading the Cybersecurity Strategy in the Public Sector

ANALYSIS AND STRATEGIC PLANNING

and applying industry trends, developing sound policies, conducting futures planning, and designing systems strategically. Our team supports our clients and partners in strategic planning for cybersecurity, identity and access management (IAM), information exchange, and advanced technology capabilities in emerging technologies.

SYSTEMS ENGINEERING

Our team consists of CompTIA Security+ certified experts who analyze security requirements, design secure system architectures, and test security controls in prototypes. CNA creates system-to-system requirements that ensure secure and interoperable messaging. Our team brings experience in stakeholder engagement across government agencies to provide inputs needed to develop the vision and requirements to modernize enterprise-wide IAM architectures.

TECHNICAL EVALUATION AND GAP ANALYSIS

We bring subject matter expertise in determining enterprise and multi-system security needs in emerging environments. Our holistic approach to analyses addresses new challenges by applying best practices and leading industry standards, such as those from the Internet Engineering Task Force (IETF) and the National Institute of Standards and Technology (NIST). For example, CNA has partnered with NASA’s Urban Air Mobility (UAM) team to conduct research and analysis focused on the ecosystems’ cybersecurity needs. CNA’s research identified a wide range of important cybersecurity topics that UAM needs to address, and the current focus of CNA’s work for NASA is Identity and Access Management.

PROTOTYPE DESIGN

CNA develops realistic and verifiable security objectives and evaluation metrics for live demonstrations and prototypes, such as the Federal Aviation Administration’s (FAA) Unmanned Aircraft Systems (UAS) Traffic Management (UTM) Field Test and UTM Pilot Programs. In addition, our team is working with industry to develop a practical countermeasure system for commonly overlooked cybersecurity vulnerabilities that threaten public safety UAS operations.

NATIONAL SECURITY

CNA takes a forward-looking approach to explore today's national security agenda and cyber security challenges that will emerge in the future. For example, through a series of cybersecurity scenarios, the Cybersecurity Futures 2025 project helps decision-makers anticipate how cybersecurity challenges will evolve. This project was a partnership between the UC Berkeley Center for Long-term Cybersecurity (CLTC), and the World Economic Forum’s Global Centre for Cybersecurity (C4C).

Our team brings leading expertise in cybersecurity exercises and gaming to test the continuity of operations (COOP) plans as they are  executed in the context of cybersecurity incidents and the capabilities of the jurisdiction to share intelligence and information relevant to the incident in a timely manner.

CNA's "Systematic Evaluation of Cybersecurity Risks in the Urban Air Mobility Operational Environment" paper was awarded “Best in Track” by the Integrated Communications, Navigation and Surveillance (ICNS) Conference Conference. The paper explored the evaluation of cybersecurity risks in the urban air mobility operational environment.