card image

Securing High-Value Medical Assets for the Department of Veterans Affairs

Varada provided cybersecurity services to the Department of Veterans Affairs (VA) within the Joint Cyber Operation Integration Center (JCOIC). The project included securing and protecting High Value Medical Assets (HVMA) and performing Enterprise Risk Assessments (ERA) to minimize risks associated with vulnerabilities and support the VA Electronic Health Records Modernization (EHRM).

About the Client

The Department of Veterans Affairs (VA) is a government organization responsible for providing healthcare and benefits to veterans and their families. The Joint Cyber Operation Integration Center (JCOIC) is a part of VA and is responsible for the cybersecurity of VA's IT systems and data. The VA Joint Cyber Operation Integration Center was in need of comprehensive cybersecurity services to ensure the security and protection of the High Value Medical Assets (HVMA) and the successful implementation of the VA Electronic Health Records Modernization (EHRM). The project required a team of experts in a wide range of fields, including the seven-step Risk Management Framework, information assurance, network management, situational awareness and incident response, secure web hosting, backup, security services, and Security Operations Center (SOC) services.

Solution and Outcomes

Varada Consulting provided a wide range of cybersecurity services to the VA Joint Cyber Operation Integration Center, including securing and protecting the High Value Medical Assets (HVMA) and performing Enterprise Risk Assessments (ERA). The project involved a comprehensive approach to cybersecurity, utilizing the National Institute of Standards and Technology (NIST) Risk Management Framework, Cybersecurity Assessment, Zero Trust Architecture, Network Scanning, Vulnerability Scanning, Log Collection and Analysis, Certificate Management, Project Management Body of Knowledge, and Agile Scrum. Our team successfully allowed VA to provide connectivity for HVMA supporting the VA Electronic Health Records Modernization (EHRM) well in advance of site Go Live events.

Tools and Compliance

Methodologies used to perform the work included NIST Risk Management Framework, Cybersecurity Assessment, Zero Trust Architecture, Network Scanning, and Vulnerability Scanning. Tools used included MS Project, MS SharePoint, MS Office Suite, MS Teams, Visio, Power BI, Jira, Wireshark, Webex, and Slack. Compliance was demonstrated with the Risk Management Framework for VA Information Systems and the Food and Drug Administration 510K for medical devices. The project schedules were built on Congressionally mandated milestones and followed the Agile Scrum methodology.

Related Case Studies

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam.

Maximizing Cybersecurity Efficiency for the US Navy with DevSecOps

Varada provided cybersecurity services for the Distributed Common Ground Services-Navy (DCGS-N) program, successfully improving the development cycle by implementing a DevSecOps pipeline that automated the deployment, testing, and reporting of vulnerabilities while ensuring compliance with regulations. 

View Case Studie Details