Cybersecurity Center of Excellence

A Dedicated Group of Cybersecurity Experts Who Deliver Innovative Solutions and Achieve Operational Excellence for Each of our Customers

Today’s evolving cyber threats faced by Federal departments and agencies (D&A) cover a wide range of malicious activities from nation-state sponsors, criminal organizations, terrorist groups, hacktivists, insider threats, and others. These threats come from highly advanced, group-based entities that seek to operate inside of and maintain a presence on and in their target’s systems. When coupled with increasing regulatory requirements and oversight, the move to a risk management versus a compliance approach, and growing resource constraints, these threats presents huge challenges.

To be effective in this operational environment, Federal D&As must employ a cybersecurity program that focuses on operating in cyberspace instead of reacting to it. The need for innovative cybersecurity approaches, methodologies, and best practices that address interoperability, usability, and privacy is critical for the nation and the Federal government.

Criterion
John Harrison, Director, Cybersecurity Center of Excellence

Core Capabilities

Cybersecurity Engineering and Technical Services

Provides services and capabilities including engineering, implementation, operation, and maintenance support for information system security controls that are implemented through technical mechanisms in system hardware or software.

Information System Security Engineering (ISSE)/Security Control Support
Cyber Defense Technology/Information System Protection Support
Enterprise and Security Architecture Support
IT and Cybersecurity Integration
Cybersecurity Infrastructure Operations and Maintenance (O&M)
CS&P Product Research, Evaluation, Testing, and Secure Configuration Support
Secure IT Development, Design, and Implementation Support

Cybersecurity Governance and Program Management Services

Provides services and capabilities including development, implementation, assessment, improvement, maintenance, and governance support for all cross-cutting aspects of the organizational cybersecurity program.

Data Security Support
CS&P Program Execution
CS&P Policy and Governance
Risk Management Framework (RMF) Support
Enterprise Vulnerability Management and Mitigation Program Support
CS&P Training Support

Cybersecurity Operations Services

Provides services and capabilities including implementation, operation, and maintenance support for information system security controls executed primarily by people.

Security Operations Center Support
Focused Operations Services
National Security Systems Cybersecurity Support
Intelligence Community Cybersecurity Support
Information Operations Support
Critical Infrastructure Protection Planning and Program Support
Industrial Control Systems (ICS) Support
Privacy Protection Support

Cybersecurity Compliance, Risk Management, and Continuous Monitoring Services

Provides services and capabilities including development, implementation, assessment, improvement, and maintenance support for cybersecurity program and system compliance activities, assessment and management of system and organizational level cybersecurity risk, and ongoing conduct of system and organizational continuous monitoring activities.

CS&P Program and System Audit Support
COMM and OSE Support
Command Cyber Readiness Inspection (CCRI) Support
Cybersecurity Service Provider (CSSP)
Site Assistance Visits (SAVs)
Information Operations Condition Implementation
Security Assessment and Authorization (SA&A)/RMF Support
Information Systems Continuous Monitoring (ISCM) Support
Risk Management and Risk Assessment Support
Cyber Supply Chain Risk Management Support

Cybersecurity Thought Leadership

Here are our latest blog posts on cybersecurity-related topics written by Criterion subject matter experts.