
Secure Cloud Transformation with 50% FISMA Score Improvement
The Challenge
DHS CISA faced the urgent need to secure and modernize its cloud operating environment. The agency was deploying Amazon Web Services (AWS) Landing Zone and Microsoft Azure CLAW (Cloud Log Aggregation Warehouse) while managing sensitive federal systems that required strict compliance with NIST, FedRAMP, FISMA, and OMB standards.
The risks were clear:
Disparate systems creating compliance gaps.
Rising number of security incidents.
Pressure from Executive Order 14028 to adopt Supply Chain Risk Management and Zero Trust.
Need for a secure-by-design migration from on-premises to cloud.
Our Approach
CRG partnered with BAE to deliver comprehensive Systems Engineering & Information Assurance (SE&I) support under a $10.7M firm-fixed-price contract.
Cybersecurity Strategy Development
Designed and implemented an agency-wide strategy that aligned with Zero Trust and secure-by-design principles.
Cloud Security Integration
Directed the secure design and deployment of AWS and Azure environments, including virtual private clouds, VPNs, and relational databases.
Governance & Standards
Established corporate cloud computing policies and standards in line with NIST 800-53, FedRAMP, and FISMA.
Enterprise Risk Management
Conducted enterprise-wide risk assessments, identifying and prioritizing vulnerabilities with mitigation roadmaps.
Security Operations
Oversaw daily security operations, incident response, and anomaly investigations across CISA systems.
Collaboration
Advised the CIO and CISO directly, and worked closely with enterprise security operations teams to ensure smooth adoption.
The Results
Measurable Outcomes:

50% increase in global FISMA security maturity scores.

45% reduction in Mean Time to Respond (MTTR) to critical incidents.

40% fewer high-risk vulnerabilities across the enterprise.

Significant reduction in overall security incidents.
CISA required a partner with proven federal expertise to deliver a transformation without disrupting mission-critical operations.

Why It Matters
For a federal agency like DHS CISA, even small lapses in security can have national implications. By embedding secure-by-design principles into cloud transformation, CRG helped ensure:
Mission continuity and operational resilience.
Compliance that stands up to the toughest federal audits.
Reduced risk of supply chain attacks and cloud misconfigurations.
Stronger public and legislative confidence in DHS’s cybersecurity leadership.
Client Perspective
While direct quotes remain confidential, DHS CISA leadership consistently acknowledged CRG’s success in:


Ready to achieve the same resilience?
CRG brings audit-ready, secure-by-design, and proven resilience to every engagement, whether government or enterprise.
