Cyber-Security Assessment, Remediation, and Identity ... · Environmental and Security Company that was incorporated in the State of Michigan in 1994. Headquartered in Detroit, Michigan,

ISO 9001:2008

HUBZone Small Business Concern

Microsoft Gold Certified Partner

Oracle Gold Certified Partner

www.FutureNetGroup.com

Submitted To Submitted By

Attn: Joel Atkinson, Associate Category Manager

4050 Esplanade Way, Suite 360

Tallahassee, FL 32399-0950

Phone: (850) 488-1985

Email: [email protected]

FutureNet Group, Inc.

12801 Auburn St.

Detroit, MI 48223-3413

Phone: 313.544.7117

Fax: 313.544.7111

CAGE Code : 3DB92 DUNS No: 933549230

RFI Response

Due Date: Sep 3, 2015 12:00 PM ET

This proposal/quotation includes data that shall not be disclosed outside the Government and shall not be duplicated, used, or disclosed-in whole or in part- for any purpose other

than to evaluate this proposal. If, however, a contract is awarded to this offeror as a result of – or in connection with- the submission of this data, the Government shall have the

right to duplicate, use, or disclose the data to the extent to provide in the resulting contract. This restriction does not limit the Government’s right to use information contained in this data if it is obtained from another source without restriction. The information contained herein is protected by the Trade Secrets Act, as codified, and any improper use,

distribution, or reproduction is specifically prohibited. No license of any kind whatsoever is granted to any third party to use the information contained herein unless a written

agreement exists between the offeror and the third party which desires access to the information. No other use of the information and data contained herein is permitted without the express written permission of the offeror.

Cyber-Security Assessment, Remediation, and Identity Protection,

Monitoring, and Restoration Services

State of Florida, Department of Management Services, Division of State

Purchasing

http://www.futurenetgroup.com/

mailto:[email protected]

Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.

Page i

Table of Contents

Executive Summary ........................................................................................................................... 1

Introduction ........................................................................................................................................ 1

Background ......................................................................................................................................... 2

Company Information ....................................................................................................................... 4

Response to Section IV ....................................................................................................................... 6


Page 1

Executive Summary

FutureNet Group, Inc. (FNG) is a Certified HUBZone Business Technology, Construction,

Environmental and Security Company that was incorporated in the State of Michigan in 1994.

Headquartered in Detroit, Michigan, FNG is certified as a HUB Zone, GSA, and ISO 9001:2008,

MBE firm. Today, the company has approximately 200 employees throughout its local and West

Palm Beach, FL Washington, DC, and Ft. Jackson, SC, offices.

We offer Enterprise IT Infrastructure, building technology centers that reduce operating costs and

your carbon footprint. We manage multiple IDIQ, MATOC and BPA contracts, and have worked

with many federal clients providing IT services including the U.S. Army Corps of Engineers

(multiple locations), Army Contracting Agency, Defense Logistics Agency (DLA), U.S.

Department of State, U.S. Defense Information System Agency, U.S. Air Force, U.S. Department

of Agriculture (FS, ARS, ITD), U.S. Navy (ONR, NUWC, DDITS, OJAG, FCC/C10F, Marine

Corps, NSWC), U.S. Department of Justice, U.S. Department of Housing and Urban Development,

and Humphries Engineer Center Support Activity. FNG has received its 8(a) STARS II GWAC

award. In short, FNG has a proven track record that demonstrates the quality of our services.

FutureNet Group holds a DSS Top Secret Facility Clearance.

Certifications:

Awards:

Technology Partners & Resellers:

Microsoft Gold Certified

Partner

Oracle Gold Certified

Partner

IBM Partner

Laserfiche Authorized

Reseller

PARASCRIPT Accela Certified Partner

Esri Partner Network apprenda

FNG is responding to this RFI request, and has an extensive experience in providing Cyber

Security support to various city and federal agencies - providing a solution that delivers the

personnel, technology, and facilities, necessary to deliver Cyber-Security Assessment,

Remediation, and Identity Protection, Monitoring, and Restoration Services.

Regional Finance Monthly CEO Award for North America—Perry Mehta, 2013

Ernst and Young Entrepreneur of the Year Award, Business Products and

Services Categories, Michigan and North-western Ohio Region—CEO Perry

Mehta, 2013


Page 2

We appreciate this opportunity to provide our RFI response for the State of Florida, Department

of Management Services, Division of State Purchasing Department (DoM-DSPD), to deliver a

broad range of Cyber Security services.

Our experience with this service will enable us to help you avoid downtime and improve

productivity.

We demonstrate our expertise in providing highly effective and fully capable of performing all the

requirements of the State of Florida.

Regards,

Jay Mehta, Sr. Vice President,

FutureNet Group, Inc.

[email protected]

Tel: 313-544- 7117, Fax: 313-544-7111



Page 1

Introduction

Team FNG understands the mission of DoM-DSPD and has an extensive experience in providing

Cyber Security support to various city and federal agencies. Our team is able to perform cyber-

security assessment and remediation, as well as identity protection, monitoring and restoration

services. We have earned a national reputation as a valuable partner that consistently exceeds our

customers’ expectations. We focus on executing the deliverables of the contract to meet or exceed

your requirements, on-time and within cost. Our business model focuses on integrity—doing what

we say we will do. Our ability to efficiently deliver timely cyber security services is demonstrated

by our growth as a company and the number of contracts we win and retain.

Our experience enables us to focus on helping you to achieve your mission and not just meeting

the contractual requirements.

Critical elements of our contract execution:

• Program Management: We have a standardized contract execution process with a layered

management model process that ensures: (1) All the contract deliverables (specified and

implied) are captured and a responsible agent is identified, (2) Deliverables are tracked

systematically and reported, and (3) The contract leadership has a direct access to the corporate

executive that has authority to commit the company—allowing for timely and immediate

mitigation of any issues that may arise.

• Personnel: Our employees are our most important asset—because we hire the best, train them

for success and provide them with meaningful work. Simply—happy employees are productive

employees.

• Timeliness: Delivering what you say you will deliver—on time— is the cornerstone for a

successful contract execution. Timeliness of deliverables, tasks and mitigation of issues receive

immediate attention. To ensure timeliness, we pay close attention to deliverables at the task

level and the subsequent reporting of these to the Government.

• Quality Services and Products: Quality control is an active, not reactive, function in delivering

quality training services and products. Our planning activities recognize continuous

improvement as a primary business objective, which has established our image as a high

quality, services and products supplier. We are committed to customer satisfaction and

encourage a healthy environment for continuous growth, achievement and prosperity.


Page 2

Background

Past Performance # 1

Contract Name MCS Cyber Security Advisor Service

Contract Number AG-3142-B-11-0015

Order Number AG-3144-K-14-0128

Agency Department of Agriculture - Office Of The Chief Information Officer

Address of Agency USDA, OPPM-POD/ Information Technology Center

300 7th St., S.W.

Suite 377, Washington DC 20024

Type of Contract Firm Fixed Price

Place of Performance Detroit, Michigan 48226-4375

Period of Performance 08/12/2014 to 06/02/2016

Contract Value $75,092.80

Status Ongoing

Point of Contact Danielle c. Knipper, Contracting Officer

[email protected]

Description of work:

FutureNet Group (FNG) – Microsoft (MS) Team Services will provide a senior cyber security technical

and thought leader who will assist the USDA ITS with addressing IT security obstacles and challenges

with a lifecycle approach that develops an effective roadmap for achieving comprehensive IT security.

FNG-MS Team's four-phase Protect, Detect, Respond, and Recover framework treats cyber security as

a continuum rather than individual security tactics.

The core engagement offering elements that are going to be performed include:

1. Security Architecture Assessment

Kick-off meeting report and engagement plan

Qualitative Cyber Risk Assessment and risk mitigation recommendations

“As-is” Security Architecture Review

Cyber security Gap Analysis Assessment and Review

Identification of cyber security solutions and tactics

Strategic Cyber security Plan

Cyber security Tactics Investment Roadmap

2. Security Project and Architecture Reviews

Security project/architecture review content

Recommendations based on findings of projects and architecture reviews

Cyber security Plan and Tactics progress report to security and IT leadership

3. Security Workshops and Solution Reviews

Meeting/Workshop content and notes

Workshop summary technical report

FNG-MS Team solution offering briefings delivered at USDA-ITS request

Solution issue tracking and resolution

4. Technical and Cyber Threat Intelligence Interchange

Technical Interchange Documentation, Content and Meeting Summaries

Cyber Threat Intelligence products (i.e. Security Intel Report)

Solution and other technical documentation



Page 3

Captures technical inquiries from USDA-ITS team and manages resolutions and

escalations to internal FNG-MS Team security teams

Security solution research and recommendations based on cyber security plan and

roadmap and changing threat landscape

Issue tracking, management and reporting

Point of contact for FNG-MS Team internal product groups and operations team

5. Architect Engagement Reach back.

Delivers security technical inquiries to USDA-ITS team

Security solution research and recommendations based on cyber security plan and

roadmap and changing threat landscape

Issue tracking, management and reporting

Technologies: Microsoft Cyber security Architect.

Labor Category: Architectural Consultant, Principal Consultant, Engagement Manager.

Past Performance # 2

Name and Address of Agency Washington Headquarters Services (WHS)

Acquisition Directorate 2521 South Clark ST

Arlington VA 22202-3909

Contract Number GS-35F-0513T

Order Number HQ0034-12-F-0271

Contract Name Microsoft OSD IT Modernization – Phase 2

Type of Contract Firm Fixed Price

Place of Performance Pentagon, Mark Center, Crystal City and other Government facilities

within the National Capitol Region (NCR)

Type/Extent of

Subcontracting

FutureNet Group Inc. - Prime contractor

Microsoft Corporation – Subcontractor

Period of Performance 09/24/2012 to 09/23/2013

Total Contract Value $6,081,931.94

Contracting Officer Bolton Emily

[email protected]

Kasule Florence, Contracting Officer

[email protected]

Sitton, James M Jr CTR WHS EM (US) [email protected]

703-545-1667

Brief Description of Work: Team FNG provided Microsoft Enterprise Services for OSD IT

Modernization – Phase 2, including a full range of project-based technical consulting service customized

to OSD needs. We assisted OSD in meeting their current and future enterprise transformational

requirements. Our services included implementation support, informal knowledge transfer on software

technologies and recommended practices in design and implementation of the OSD infrastructure. Our

IT Services and Support included:

• Migration and Deployment Services

• Application Development Assistance





Page 4

• Cyber security Services

Our tasks included:

Migration and Deployment Services: We provided Microsoft Enterprise Services (MES)

subject matter expertise and advice for migration/deployment services related to upgrading

operating system software or communication, messaging software or transitioning from

disparate platforms or email systems.

Application Development Assistance: We provided Microsoft Enterprise Services subject

matter advice related to MS application development technologies and platforms.

Cyber security Services: We provided Microsoft Enterprise Services subject matter advisement

in cyber security technologies and platforms.

Technologies used: Windows 7 Deployment, Windows Server 2008R2/2012, Active Directory (Direct

Access), System Center, SQL Server 2008R2/2012, Exchange Server 2010, Lync Server 2010, Microsoft

CRM, Visual Studio Team Foundation Server 2010, SharePoint Server 2010, Project Server 2010, New

Product Evaluation (Windows 8 and Mobile Technology Pilot)

Company Information

Company Information

Company Name FutureNet Group, Inc.

Location of corporate

headquarters

12801 Auburn St., Detroit, MI 48223-3413

Bus: 313.544.7117 Fax: 313.544.7111

Industry (NAICS) Codes 518210, 519130, 519190, 541370, 541511, 541512, 541513

541519, 561210, 561311, 561312, 561320, 561410

Company ownership

(public, private, joint venture) Private

Business Classification / Socio-

Economic Status Small Business

Certified HUB Zone business Minority Owned Business

Locations of facilities

OCONUS India and Qatar

Location where incorporated Detroit, MI 48223-3413

Address Headquarters 12801 Auburn St., Detroit, MI 48223-3413

Bus: 313.544.7117 Fax: 313.544.7111

Washington, DC 5107-A Berwyn RD, College Park, MD 20740-4128

Bus: 202.558.7131 Fax: 202.640.2561

Regional Offices

Southeast · East Coast · Southwest · Midwest

Website www.FutureNetGroup.com


Page 5

Point of Contact Primary:

Name & Title : Jay Mehta, Sr. Vice President

Phone : 313-544-7117 | Fax : 313-544-7111

Email ID : [email protected]

Alternate:

Name & Title : Mary Loefller, Proposal Manager

Phone : 313.544.7117 Ext: 321

Contracts Vehicle GSA 8(a) STARS II GWAC

GS-06F-1221Z – Constellation – II

FA1, FA2, FA3, FA4

GS-06F-0868Z – Constellation – I

FA1, FA2, FA3, FA4

GSA IT Schedule 70, Contract GS-35F-0513T

Navy Seaport-e Contract(SUB)

CAGE Code

DUNS

EIN

3DB92

933549230

38-3217146



Page 6

Response to Section IV

The following section demonstrates our team’s abilities to provide the services related to this

RFI:

Required Services FNG’s Capabilities

1) Pre-Incident Services

a) Incident Response

Agreements – Terms and

conditions in place ahead of

time to allow for quicker

response in the event of a

cyber-security incident.

FNG agrees that having the terms and conditions in place ahead of

time allows for quicker response in the event of a cyber-security

incident.

b) Assessments – Evaluate a

State Agency’s current state of

information security and cyber-

security incident response

capability.

When dealing with a cyber-security incident, one of the most

important actions is to be properly prepared. This will help to

recover the systems more quickly, minimize the impact of the attack,

instill confidence in your customers, and even save money in the

long term. To be effectively prepared, you should be able to

determine the criticality of your key assets; analyze threats to them;

and implement a set of complimentary controls to provide an

appropriate level of protection.

Below are the steps of preparing for a cyber-security incident:

Step 1: Conduct a criticality assessment

Step 2: Carry out a cyber-security threat analysis, supported by

realistic scenarios and rehearsals

Step 3: Consider the implications of people, process, technology and

information

Step 4: Create an appropriate control framework

Step 5: Review state of readiness in cyber security incident response

c) Preparation – Provide

guidance on requirements and

best practices.

Our team understands that Security awareness should be conducted

as an on-going program to ensure that training and knowledge is

not just delivered as an annual activity; rather, it is used to maintain

a high level of security awareness on a daily basis. Keeping the

number of incidents reasonably low is very important to protect the

business processes of the organization.

Steps for providing guidance on the requirements:

1. Assemble the Security Awareness Team

2. Determine Roles for Security Awareness

d) Developing Cyber-Security

Incident Response Plans –

Develop or assist in

development of written State

The following steps demonstrate our procedure to develop or assist

in development of a State Agency’s plan for incident response in

the event of a cyber-security incident:


Page 7

Agency plans for incident

response in the event of a

cyber-security incident.

1. Prepare for a cyber-security incident: Performing a

criticality assessment; carrying out threat analysis; addressing

issues related to people, process, technology and information;

and getting the fundamentals in place.

2. Respond to a cyber-security incident: Covering

identification of a cyber-security incident; investigation of the

situation (including triage); taking appropriate action (e.g.

containing the incident and eradicating its source); and

recovering from a cyber-security incident.

3. Follow up a cyber-security incident: Considering your need

to investigate the incident more thoroughly; report the incident

to relevant stakeholders; carry out a post incident review; build

on lessons learned; and update key information, controls and

processes.

e) Training – Provide training

for State Agency staff from

basic user awareness to

technical education

Our incident response team will provide the basic user awareness

training to your State Agency staff. Our training program requires

that personnel acknowledge that they have received and understand

the content being delivered. Feedback on training content and

comprehension are keys to ensure that personnel understand the

content and the organization’s security policies.

Below is the content that is commonly included in general

security awareness training provided to different State Agency

staff: a. Users.

i. Follow security procedures, report security problems, and

complete required computer security training.

1. Central accounts through the IS office provide access

to:

a. Workstations.

b. E-mail (including webmail).

c. Remote connectivity (VPN, SSH, modem/dialup).

2. Central services (Central File Services, administrative

applications, web publishing, etc.).

3. Passwords are keys to compute resources, just as door

keys are for facilities.

4. Different passwords should be used to access Internet

resources (i.e. an ISU or Hotmail account). To

facilitate this, the use of a cryptographic password

safe is recommended. The DOE requires those

passwords:

b. Privileged Users.

i. Administer their own systems and configuration

management including

1. Anti-virus software.

2. Anti-spyware software.

3. Current patches for operating systems and

applications.


Page 8

c. Group Administrators.

i. Manage computers and implement the cyber security

program within their group.

d. Assistant Cyber Security Managers (ACSM).

i. Program point of contact.

ii. Implement the cyber security program within their program.

e. Cyber Security Team.

i. Manages day-to-day operation of the cyber security

program.

f. Directors / Associate Directors.

i. Responsible for the Laboratory’s cyber security program.

ii. Establish the program’s overall goals, objectives and

priorities.

2) Post-Incident Services:

a) Breach Services Toll-free

Hotline – Provide a scalable,

resilient call center for incident

response information to State

Agencies.

The following diagram depicts our Service Desk support procedure:

FNG will use a custom ticketing system having a single Point of

Contact (POC) to gather requests via various methods; phone

calls, email, documents, in-person all resulting in Service Desk

tickets. Tickets will be classified “Low”, “Medium” and “High”

and handled in an efficient manner.

FNG will provide maintenance of the State requests routed

through the Service Desk Tickets. Each request will be reviewed

and analyzed, and a timeline for resolution is defined and

communicated within the state.

Our team includes technical experts with a wide depth and

breadth of expertise in Call Center, helpdesk, Service Desk, and

Remote Monitoring/Support capabilities.

b) Investigation/Clean-up –

Conduct rapid evaluation of

incidents, lead investigations

and provide remediation

services to restore State

Agency operations to pre-

incident levels.

c) Incident response – Provide

guidance or technical staff to

assist State Agencies in

response to an incident.


Page 9

Our Service Desk is manned 24/7/365 to ensure that all service

calls are answered by a human in order to address critical

situations.

d) Mitigation Plans – Assist

State Agency staff in

development of mitigation

plans based on investigation

and incident response. Assist

State Agency staff with

incident mitigation activities.

Mitigation plans are generally developed to lower the risk for the

planned approach or redirect design, labor or other resources to

reduce risk. Our team will assist the state agency staff in the

development of mitigation plans based on our investigation and

incident response.

The above figure shows our processes for Risk Mitigation planning,

implementing and progress monitoring.

As a part of an iterative process, the risk tracking tool is used to

record the results of risk prioritization analysis (step 3) that provides

input to both risk mitigation (step 4) and risk impact assessment

(step 2).

e) Identity Monitoring,

Protection, and Restoration –

Provide identity monitoring,

protection, and restoration

services to any individuals

potentially affected by a cyber-

security incident.

We follow a number of steps in our cyber security incident response

to handle an incident effectively, which is a part of our wider

approach, with an emphasis on investigation.

In order to provide identity monitoring, protection and restoration

services to individuals affected by a cyber-security incident, we

have developed the following steps:

1. Identify cyber security incident

2. Define objectives and investigate situation

3. Take appropriate action

4. Recover systems, data and connectivity

Cyber-Security Assessment, Remediation, and Identity ... · Environmental and Security Company that was incorporated in the State of Michigan in 1994. Headquartered in Detroit, Michigan,

Documents