Cybersecurity TTP Development
CPT supports Test and Evaluation (T&E) and other activities to improve cybersecurity for various organizations and missions. Systems engineers, planners, and security analysts manage network architecture design, conduct risk assessment, and develop methods to improve the security of networks, platforms, and data. CPT conducts research and tests, prepares studies, and leads analyses of cyber environments.
Our teams systematically develop, test, and deliver tactics, techniques and procedures (TTP) for the following:
- Vulnerability Mitigation with Mission Resiliency
- Detection, Diagnosis and Remediation of Cyber Threats
- Forensics Analysis
- Mitigating Impacts of Cyber Attacks – Limit Cascading Effects
- Systems Recovery of Operational and Specialized Environments
CPT's TTP include mitigation measures that enable system operators to isolate critical systems while under cyber attack, allowing continued local-mode operation of critical systems while minimizing exposure and “quarantining” infected networks. Systems recovery TTP include instructions to fully restore infected systems to their original operations, thereby removing all points of presence of an attack.
CPT provides guidance on the development of test bed designs used for each field test. These recommendations include a list of hardware, software, standard communications protocols, and network hardening methods and procedures. Our team creates simulated cyber attack scenarios with detailed narratives to support each test, including Master Scenario Event Lists (MSEL) and measurement methodologies. All activities are logged and analyzed to identify potential TTP shortfalls and to assess the effectiveness of the TTP.
Our cyber teams consist of highly experienced subject matter experts who support all phases of T&E. CPT’s experts understand the importance of network traffic and system baselines, vulnerability and risk analysis, and rule sets for effective alarm thresholds and threat detection and prevention. CPT personnel have expertise with a variety of open-source, vendor, and specialized environments, including critical infrastructure systems and associated protocols.
Our team utilizes a variety of references including:
- NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations
- NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security