Today’s evolving cyber threats faced by Federal departments and agencies (D&A) cover a wide range of malicious activities from nation-state sponsors, criminal organizations, terrorist groups, hacktivists, insider threats, and others. These threats come from highly advanced, group-based entities that seek to operate inside of and maintain a presence on and in their target’s systems. When coupled with increasing regulatory requirements and oversight, the move to a risk management versus a compliance approach, and growing resource constraints, these threats presents huge challenges.
To be effective in this operational environment, Federal D&As must employ a cybersecurity program that focuses on operating in cyberspace instead of reacting to it. The need for innovative cybersecurity approaches, methodologies, and best practices that address interoperability, usability, and privacy is critical for the nation and the Federal government.
Provides services and capabilities including engineering, implementation, operation, and maintenance support for information system security controls that are implemented through technical mechanisms in system hardware or software.
Provides services and capabilities including development, implementation, assessment, improvement, maintenance, and governance support for all cross-cutting aspects of the organizational cybersecurity program.
Provides services and capabilities including implementation, operation, and maintenance support for information system security controls executed primarily by people.
Provides services and capabilities including development, implementation, assessment, improvement, and maintenance support for cybersecurity program and system compliance activities, assessment and management of system and organizational level cybersecurity risk, and ongoing conduct of system and organizational continuous monitoring activities.
Here are our latest blog posts on cybersecurity-related topics written by Criterion subject matter experts.
This article offers a variety of expert recommendations on improving enterprise cybersecurity.
John Harrison discusses the cybersecurity challenges that federal IT officials face during the Covid-19 pandemic.
John Harrison, director of Criterion's Cybersecurity COE, wrote the article, How to Update Agency Security Operations Centers.