Federal Success Stories

United States Cyber Command (USCYBERCOM)

Securicon supports USCYBERCOM in planning, coordinating, integrating, synchronizing, and conducting the operations and defense of Department of Defense Information Networks (DODIN). Securicon assisted with development and implementation of processes, Concept of Operations (CONOPS), and Standard Operating Procedures (SOPs) leading to USCYBERCOM achieving full operating status.

 

 

 

Department of Homeland Security (DHS)

Securicon has been instrumental in assist­ing DHS establish the National Cyber Security Division (NCSD) and the United States Computer Emergency Readiness Team (US-CERT). NCSD utilized Securicon’s unique industry expertise in process control systems to help establish and operate its Control Systems Security Program (CSSP) to improve cyber security throughout the nation’s critical infrastructures. Securicon continues to support NCSD critical operations.

 

 

 

U.S. House of Representatives

Securicon is assisting the US House of Representatives in the migration of their information assurance program to a NIST SP 800-37 Rev 1 program, based on the Risk Management Framework. Securicon is supporting the development and implementation of the program in whole, which includes the processes and procedures for security assessment and authorization, tracking and remediation of POA&Ms, the establishment of the continuous monitoring program and actually executing all phases of the program.

 

 

Federal Aviation Administration (FAA)

Securicon holds two BPAs to support USPTO’s cyber security program. In one, Securicon conducts penetration testing of selected USPTO systems at the network, host, and application layers, and recommends remediation steps. In the other, Securicon supports the USPTO Risk Management Framework (RMF) information assurance group by supporting ISSOs, system owners and technical staff throughout the life cycle of all major USPTO systems and networks. This includes maintenance of security plans, accomplishment of security assessment and authorization activities and continuous assessment and monitoring of systems. In addition, Securicon participates as members of the USPTO project teams for major system development and upgrades, to ensure appropriate security controls are built in at the design stage and implemented during system development.

 

 

 

U.S. Patent and Trademark Office (USPTO)

Securicon conducts vulnerability assessments and penetration tests of selected USPTO systems at the network, host, and application layers, and recommends remediation steps. Securicon was awarded a long-term contract to expand the testing throughout USPTO’s information security program.

 

 

 

 

U.S. Department of Agriculture (USDA)

Securicon supports several US Department of Agriculture organizations’ Risk Management Framework (RMF) cyber security programs. Securicon’s support to the USDA includes security assessment and authorization (A&A), continuous monitoring and remediation of plans of action and milestones (POA&Ms). In addition, Securicon supported the USDA CIO’s office in a project to review, reorganize and update the CIO’s IT policies.

 

 

 

North American Electric Reliability Corporation (NERC)

Securicon has supported several NERC initiatives over the past few years. Following a third party risk assessment, Securicon provided remediation support to assist NERC in closing findings by implementation of security controls and development of policies and procedures to prevent future weaknesses. In addition, Securicon is currently providing program management support for NERC’s Cyber Risk Information Sharing Program (CRISP). CRISP is designed to reduce risks to the North American electric critical infrastructure through sharing of common threat, vulnerability and solution information between industry stake holders.