SOC Operations

CASE STUDY
A ClearFocus client had recently formed a Security Operations Center (SOC) but was struggling with the roles, responsibilities and procedures to run an effective SOC.

PROCESS

ClearFocus conducted a review of business and technical processes from the existing SOC and identified a lack of clearly defined and documented roles, functions, and requirements which contributed to an environment where staff lacked clear authorities to implement the cybersecurity mission. ClearFocus staff conducted a review of applicable law, regulations, policy, and agency requirements, and mapped requirements to clearly defined roles and functions aligned to the NIST 800-181 Cybersecurity workforce framework. ClearFocus then developed tailored, repeatable cybersecurity processes leveraging technology to enhance overall SOC effectiveness, while also realizing efficiencies through automation of manual operations processes that enabled responses at machine speed.

RESULT

By clearly defining the mission, roles, responsibilities, functions, and requirements, ClearFocus was able to develop a Concept of Operations (CONOPS) and procedural documents to foster an environment where cybersecurity staff understood their roles and were able to take action on incidents and events. ClearFocus further helped by providing expert technical leadership to the teams to address and resolve lingering issues which had negatively impacted the cybersecurity mission in the past. This included providing leadership to security engineering, vulnerability management, threat intel analysis, situational awareness, audit log collection and monitoring, and incident response activities.

Case Studies.

We are innovators. Our consultants have the right mix of talent, creativity, process and technology to ensure every initiative we undertake has successful outcomes and meets mission objectives.

Cybersecurity Modernization

One of ClearFocus federal clients wanted to modernize their existing cybersecurity program since the organization was not able to address several federally mandated security requirements. Additionally, new standards like the Risk Management Framework (RMF) require new processes, technology and approaches to meet the NIST SP 800-37 requirements.

SOC Operations

A ClearFocus client had recently formed a Security Operations Center (SOC) but was struggling with the roles, responsibilities and procedures to run an effective SOC.

Establishing a Threat Defense Life Cycle

Cyber threats and the sophistication of cyber-attacks continue to increase. Yet, today’s cyber defenses may not be adequate to stop tomorrow’s cyber-attack. By now, most enterprises have invested in cyber defenses, deploying a myriad of cybersecurity tools to protect their information assets…but have they really reduced the risk of breach?

Cybersecurity Modernization

One of ClearFocus federal clients wanted to modernize their existing cybersecurity program since the organization was not able to address several federally mandated security requirements. Additionally, new standards like the Risk Management Framework (RMF) require new processes, technology and approaches to meet the NIST SP 800-37 requirements.

SOC Operations

A ClearFocus client had recently formed a Security Operations Center (SOC) but was struggling with the roles, responsibilities and procedures to run an effective SOC.

Establishing a Threat Defense Life Cycle

Cyber threats and the sophistication of cyber-attacks continue to increase. Yet, today’s cyber defenses may not be adequate to stop tomorrow’s cyber-attack. By now, most enterprises have invested in cyber defenses, deploying a myriad of cybersecurity tools to protect their information assets…but have they really reduced the risk of breach?

Kevin Cassidy

President and CEO

Kevin Cassidy is responsible for defining and implementing ClearFocus’ vision and strategy. Kevin is also accountable for the company’s profitability and growth. Prior to starting ClearFocus, Kevin was the VP of Operations for InScope International where he was responsible for the delivery of enterprise IT and software development services. He also managed the company’s internal operations. Kevin started his career at AT&T and later moved on to OnePoint Communications and Verizon where he served in various IT leadership roles. Kevin is a Project Management Professional (PMP) with a Bachelors Degree in Computer Science from Rutgers University and an MBA from Georgia State University. Kevin’s interests include performance cars, running, video production and he actively serves on his church’s video ministry team.

close-link

Jennifer Garst

Vice President Client Services and Solutions

Jennifer Garst is responsible for the quality delivery of all ClearFocus client programs and responsible for client relations. Additionally, Jennifer leads the company’s government capture and proposal development. Jennifer joins ClearFocus after 12 years as the VP of InScope International’s Federal Division where she significantly grew InScope’s federal programs. Prior to InScope, Jennifer severed in various technical leadership roles which includes Technical Director of IT Management and Control for AOL and Director of Professional Services for Price Waterhouse Coopers. Jennifer has a Bachelors of Arts in Sociology and Criminal Justice from Roanoke College and an MPA in Management Information Systems from American University. When not supporting ClearFocus Jennifer’s loves to travel with her family.

close-link

Glen Dosey

Director Cybersecurity Technology

Glen Dosey shapes the direction of ClearFocus’ cybersecurity services. He also keeps ClearFocus on the forefront of cybersecurity technology. Glen holds certifications in the fields of computer forensics, incident response, malware analysis, and penetration testing. He contributed to the cybersecurity portions of the NIST CyberSkills framework. Glen believes in the importance of professionalizing and growing the cybersecurity workforce. Before joining ClearFocus Technologies, Glen worked for the Department of Homeland Security (DHS) where he was responsible for building and managing a CyberSecurity Operations Center at the Federal Law Enforcement Training Center.

close-link

Dave Blessing

Vice President Business Development

Dave Blessing is responsible for business development and the shaping of ClearFocus’s GoTo Market strategy. Dave brings 30 years of IT industry experience spanning Technology Sales and Consulting Service Delivery. Dave’s has had the pleasure of working for many technology providers from startups to mainstream (IBM, EMC, Sybase, Symantec…), serving within a global Distributor and selling for multiple Value-Add Resellers. Dave career has had him support Commercial and Federal markets, allowing Dave to develop an awareness of some of the differences and commonalities between these markets. Dave brings a depth of experience on how to best serve ClearFocus’s clients, while being a trusted and valued business partner within the IT ecosystem, as in the end successful business tends to be a team effort. Dave holds a Bachelors of Science in both Computer Science and Mathematics from Towson State and a Masters of Science in Network Communications from Johns Hopkins. Dave’s pastime is fast cars with a strong affinity towards Dodge Vipers.

close-link

Andy Herscher

Director Cybersecurity Programs

Andy Herscher provides technical development and enablement (Methodology, Process, People and Delivery) for ClearFocus Cybersecurity programs. Andy has multiple cybersecurity certifications which include the Certified Information Systems Security Professional (CISSP), the Certified in Risk and Information Systems Control (CRISC) and the Metasploit Certified Specialist (MCS). Before joining ClearFocus, Andy was the Director of Cybersecurity for InScope International. Before InScope, Andy held several Security Engineer positions that supported government programs. Andy has a Bachelors degree in Information Technology and Information System Security from the University of Phoenix and an MBA from Colorado State University.

close-link

Chris Ruotolo

Director Enterprise IT

Chris Ruotolo is accountable for shaping the direction of ClearFocus’ Enterprise IT services, technology, and implementation processes. Chris also leads ClearFocus’ Professional Services Practice where he has developed repeatable service offerings for OEMs, VARs and direct client engagements. Prior to joining ClearFocus Chris supported various OEMs and VARs which include Nutanix, Cloudistics, Pure Storage and he has considerable experience supporting VMWare engagements. Chris has multiple technical certifications for Nutanix, VMWare, Pure Storage and several other products. Chris is a voracious reader who enjoys riding motorcycles, electronic projects and playing with his kids.

close-link

Tracey Little

Manager Corporate Operations

Tracey is accountable for managing ClearFocus’ back office operations which includes contracts, client invoicing, procurement and federal and commercial program support.  Prior to joining ClearFocus Technologies Tracey was accountable for corporate operations for DH Technologies. Tracey has a Business Administration degree from Sanford Brown College. In her free time, Tracey coaches girls basketball and is a diehard Dallas Cowboy fan.

close-link

Roxanne Voorhees

Manager HR/Recruiting/FSO

Roxanne is responsible for managing ClearFocus’ Recruiting, Human Resources, and FSO departments in which she oversees all recruiting efforts, employee relations and facility security management.  Prior to joining ClearFocus Technologies Roxanne worked in HR and Recruiting for the last 15+ years and supported government and commercial customers.  Her passion is truly recruiting top talent and making lasting relationships with them for future or present positions. In her free time, Roxanne likes to travel and hang out with her dog, Jazzy.

close-link