US Department of Homeland Security selects Telos to support information security governance


Telos Corporation has been selected by the US Department of Homeland Security (DHS) to provide support for its Xacta software applications, which DHS uses to enforce information security policies, track effectiveness of security programmes, and monitor compliance across its enterprise.

DHS has purchased and executed Telos’ Xacta Assessment Engine and continuous monitoring tool Xacta Continuum in 2012.

Xacta comprises enterprise risk management applications that automate security authorisations and ensures compliance with security standards such as the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).

It also helps DHS to implement FedRAMP workflow and comply with federal cloud security requirements.

Xacta has been deployed as enterprise-wide systems throughout DHS.

Telos’ Xacta Assessment Engine contains a knowledge base of more than 5,000 individual security requirements and associated test procedures, organised and cross-referenced into more than 100 security policies, regulations, and standards.

Xacta Continuum offers a holistic view of an organisation’s asset compliance posture and actionable reporting metrics for prioritised decision making.

Under its new contract, Telos will continue offering operations and maintenance of Xacta Assessment Engine and Xacta Continuum to provide the agency with the ability to manage and support all DHS and Federal Information Security Management Act (FISMA) requirements.

Telos will also offer on-site help desk and expertise to assist with process engineering, deployments to meet new regulations, and template development.

Telos IA Services vice president Ben Taylor said: “Because of its unique role in the US government, DHS’s information systems must comply with a broad range of security mandates including FedRAMP and NIST RMF, as well as its own policies for security compliance.

“We look forward to continuing our support of the Department and helping it manage, monitor and track authorizations to operate, plans of action and milestones, control assessments, and ongoing authorisations.”

Telos was the first to operationalise the NIST Risk Management Framework via software.

Xacta allows its users to establish a centralised IT risk management platform for enterprise security intelligence; collect extensive IT asset inventory data; detect, identify, and remediate threats to system security; and generate the reports and documentation needed for regulatory compliance.