Government Security News 2016 Digital Yearbook

acourtenay

GSN's Homeland Security Awards Digital Yearbook of Winners and Finalists

The GSN

2016 Digital Yearbook

OF

Homeland Security

Awards


The GSN 2016 Homeland Security Awards


The GSN 2016 Homeland Security Awards

Chuck Brooks, the Distinguished Judge of

GSN’s 2016 Homeland Security Awards, agrees with

the analysts now saying say that we are heading

for a Fourth Industrial Revolution

GSN: Chuck, thank you again for judging our

most recent and very successful awards event.

It was my real pleasure. Each year I am more

and more impressed with the capabilities of the

company submissions for best solutions. They

are all top notch and at the innovative edge

of security technologies. It also reassuring to

review many of the new technologies being utilized

across the physical and cyber spectrums

for securing the homeland.

GSN: Speaking of technologies, much is

happening in the world emerging technologies.

What are your quick thoughts as a subject

matter expert on our new tech era?

In my role of Chairman of CompTIA’s New and

Emerging Technology Committee I get a window

on what advancement is

happening in both the public

and private sectors. Many

analysts are now saying we

are entering a Fourth Industrial

Revolution. I concur,

these emerging technologies Chuck Brooks

are already impacting how

we live and work. With the advent of artificial

intelligence, robotics, quantum computing, the

Internet of Things, augmented reality, materials

science, 3-D Printing, and data analytics the

near future will be really exciting. We are living

in an era where innovation, agility and imagination

are all essential in order to keep pace

with exponential technological transformation

taking place. It is easy to imagine potential

applications for new technologies. For example

some of the applied verticals in homeland security

where I see emerging technologies applied

in the next few years include:

• Enhanced Surveillance (chemical and bio

sensors, cameras, drones)

• Improved facial recognition and License

plate readers

• New Non-lethal technologies

• Counter terrorism and law enforcement

informatics via predictive analytics and

artificial intelligence

• Advanced Forensics via materials science

and supercomputing

• Interoperable communications,

geo-fencing, and situational awareness

• Biometrics: assured identity security

screening by bio-signature: Every aspect

of your physiology can be used as a

bio-signature. Measure unique heart/pulse

rates, electrocardiogram sensor, blood

oximetry, skin temperature

• Automated cybersecurity and information

assurance

• Robotic Policing

That is my own future homeland security short

list. However, even with new and exciting

emerging technologies in the pipeline the new

digital landscape of connectivity also brings

a new and wide array of vulnerabilities and

threats.

GSN: What vulnerabilities and threats do you see

associated with these new technologies and

what will be government’s role in mitigating the

threats?

There is a security component to almost anything

technology related. The connectivity of

technologies, especially to the internet, makes

everyone and everything a target of cyber intrusion.

A good example is the Internet of Things

(IoT). IOT refers to the emerging connectivity

of embedded devices to the Internet. It is

estimated that there will be as between 25 to

65 billon connected Internet devices by 2020

(depending on who you cite). The commercial

and governmental IOT “landscape of sensors”

is becoming more exponential and complex by

the moment. Cybersecurity for the connected

IP enabled smart devices, from phishing, malware,

ransomware, and denial of service attacks

Continued on next page

4 5


The GSN 2016 Homeland Security Awards

is becoming more of a priority with each passing

day. The breaches are already happening in

both the public and private sectors.

GSN: What are your thoughts on the incoming

Administration on homeland security issues?

I think that the appointment of General John

Kelly at DHS is an excellent one. He has the

integrity, dedication, and amazing leadership

skills need for the role of Secretary of Homeland

Security. He has always been admire by

those who serve under him and I know he

will be well received by the law enforcement

community. I like the fact that he has stressed

cybersecurity and protecting the electric grid

during his confirmation hearings. Also, the appointments

of Tom Bossert as Homeland Security

Advisor and former Mayor Rudy Giuliani

to bring in expertise from the private sector on

cyber tech and applications bodes well.

In terms of across government mitigation efforts,

cybersecurity continues to be a lead focus

in the Department of Homeland Security’s

(DHS) growing role as the leading civilian agency

for protecting government agency networks

and in coordinating and collaborating with the

private sector. The Department of Homeland

Security (DHS) is likely to continue to expand

that role in the new Administration.

Lt. Gen. H. R. McMaster, President Trump’s

choice for national security adviser, is seasoned

with a strong expertise on national security

threats. On the Department of Defense (DOD)

Community side, General James Mattis, who

brings 41-years of Marine Corps experience,

is another excellent appointment. He simply

gets things done and he will provide exceptional

leadership and resources, especially for

the warfighter. I also like the appointments of

Retired Senator Dan Coats of Indiana as Director

of National Intelligence, and Congressman

Mike Pompeo as Director of the CIA. Both are

respected by their colleagues and have deep

legislative oversight experience on national

security issues. They bring the necessary leadership

qualities to meet geopolitical challenges

that require sharing of information, threat intelligence,

technologies, and working with multiagency

task forces.

Although parameters and specifics of the mis-

sions at DOD and in the Intelligence communities

differ from DHS, there still needs to be a

collaborative effort for protecting the homeland

domestically and abroad, especially with

cybersecurity. I think that the new Administration

has assembled a very strong and capable

security leadership team.

GSN: Can you update us on your social media

and thought leadership activities?

Yes, last year I was selected by LinkedIn as

“One of the Top 5 People to Follow On LinkedIn”

by LinkedIn (I was named #2). I now

have around 32,000 first degree followers on

LinkedIn and manage or own 12 LI groups

(mostly dealing with tech and security issues). I

am also active on Twitter nearing 4,500 followers

(please follow me @ChuckDBrooks) and

on Facebook. As you all know, social media

has become part of the digital fabric of how we

communicate, operate, and conduct business

in and out of government.

In the recent months I have published over 100

articles blogs. My topic areas have included

homeland security, cyber security, defense,

CBRNE, IT, R & D, science & technology,

public/private partnerships, IoT, innovation.

In addition to Government Security News, I

have been published in FORBES, Huffington

Post, InformationWeek, MIT Sloan Blog, Computerworld,

Federal Times, NextGov, Cygnus

Security Media, Homeland Security Today,

The Hill, Biometric Update, CIO Water Cooler,

Government Executive, Bizcatalyst360, Brink,

IT Security Planet, Christian Science Monitor,

and others.

I have also been very active on the speaking

circuit at a variety of conferences and events

at Universities and forums over the past year.

A couple of highlight; a few months back I

presented at a workshop sponsored by The

National Academies of Sciences, Engineering,

and Medicine and the Federal Bureau of

Investigation on Securing Life Sciences Data.

I also spoke at George Washington University

event about the Cyber Threat Spectrum along

with co-panelists John Perren, former Assistant

Director, FBI’s Weapons of Mass Destruction

Directorate, and Lieutenant Colonel Scott

Applegate, Strategic Planner, J5, Cyber Policy

Continued on next page

6 7


The GSN 2016 Homeland Security Awards

Division, Joint Chiefs of Staff. I will be participating

soon at USTRANSCOM Senior Leader

Cyber Security Roundtable that will include

Admiral Michael S. Rogers, who serves as the

U.S. Cyber Commander, Director of the National

Security Agency, and Chief of the Central

Security Service.

As always, thank you for speaking to me and

letting me share my perspectives. GSN serves

as an excellent media resource for all those

active in the homeland security, cybersecurity,

and national security fields. I strongly encourage

others to become regular readers of your

publication online and in print.

About Chuck: Chuck Brooks is Vice President

of Government Relations & Marketing for

Sutherland Government Solutions. He has an

extensive policy and technology background

both in the public and private sectors. In government,

Chuck has served at The Department

of Homeland Security (DHS) in legislative

leadership roles at The Science & Technology

Directorate, the Domestic Nuclear Defense

Organization, and FEMA (on detail during

Hurricane Katrina). He served as a top Advisor

to the late Senator Arlen Specter on Capitol

Hill covering security and technology issues

on Capitol Hill. He currently serves as subject

Matter Expert to The Homeland Defense and

Security Information Analysis Center (HDIAC),

a Department of Defense (DOD) sponsored

organization through the Defense Technical

Information Center (DTIC). He also served in

law enforcement as an Auxiliary Police Officer

for Arlington, Virginia. In industry, Chuck was

a Technology Partner Advisor to the Bill and

Melinda Gates Foundation and he currently sits

on the advisory boards of several corporations

and organizations involved in cybersecurity and

homeland security, including the Safe America

Foundation. In academia, Chuck was an Adjunct

Faculty Member at Johns Hopkins University

where he taught a graduate course on

homeland security for two years. He has an MA

in International relations from the University of

Chicago, a BA in Political Science from DePauw

University, and a Certificate in International

Law from The Hague Academy of International

Law. Chuck is well recognized as a thought

leader and subject matter expert on Cybersecurity,

homeland security, and emerging technologies.

In 2016, he was named “Cybersecurity

Marketer of the Year by the Cybersecurity

Excellence Awards. LinkedIn named Chuck

as one of “The Top 5 Tech People to Follow

on LinkedIn” out of their 450 million members.

Chuck has published dozens of articles

in publications such as Forbes, Federal Times,

Computer World, The Hill, Huffington Post,

Government Technology, InformationWeek,

and of course Government Security News on

the technology and security topics. He is also

a select “Passcode Influencer” for the Christian

Science Monitor on information security issues.

Chuck is a frequent speaker at conferences and

events and his professional industry affiliations

include being the Chairman of CompTIA’s New

and Emerging Technology Committee, and as a

member of The AFCEA Cybersecurity Committee.

Chuck has also served as a judge for five

Government Security News industry homeland

security awards events.

8 9


The GSN 2016 Homeland Security Awards

Category #1: Vendors of IT and Cybersecurity Products and Solutions

Best User & Entity Behavior

Analytics (UEBA) Solution

Amplivox - Finalist

Identive - Finalist

Inmarsat - Winner

FLIR - Finalist

Rave Mobile Security – Finalist

Gurucul - Winner

Best Industrial

Cybersecurity Solution

Aperio - Winner

Claroty - Finalist

Darktrace - Winner

Indegy - Winner

Best Application Security Solution

Waratec - Winner

Best Multifactor Authentication Solution

No entries

Judging in this category is based on a combination of:

• Increase in client organization’s security

• Technological innovation or improvement

• Filling a recognized government IT security need

• Flexibility of solution to meet current and future organizational needs

Best Anti-Malware Solution

Blue Ridge - Winner

Bromium - Winner

Passages - Finalist

Best Identity Management Platform

Centrify - Winner

Forum Systems - Finalist

HID Global - Winner

Best Enterprise File Solution

No entries

Best Compliance/Vulnerability

Assessment Solution

Netwrix Corporation - Finalist

Risk Vision - Finalist

Solar Winds - Winner

Wombat - Finalist

Best Cyber Operational Risk Intelligence

Red Seal - Winner

Best Data Security/Loss Management Solution

Spiron - Winner

Best Email Security and Integrity Solution

Wombat Security Technologies - Winner

Best Endpoint Detection and Response Solution

Bromium - Winner

illusive networks - Winner

Tychon - Finalist

Best Forensic Software

No Entries

Best Big Data Analytics Solution

Securiport - Winner

Best Threat Intelligence Solution

Securiport - Winner

ViaSat - Finalist

Best Network Security/Enterprise Firewall

Forcepoint - Winner

ViaSat – Finalist

10 11

Best Physical Logical Privileged

Access Management Solution

Beyond Trust - Winner

Centrify Corporation - Finalist

EKUSA - Finalist

Forum Systems - Finalist

Identive - Winner

Best Continuous Monitoring

and Mitigation Solution

Cyber Ark – Winner

Darktrace - Winner

Netwrix - Finalist

Passages - Finalist

Securiport - Finalist

Solar Winds Worldwide - Finalist

Best Security Incident & Event

Management (SIEM) Solution

Cyber Ark - Finalist

Netwrix - Winner

Solar Winds Worldwide - Winner

Best Security Infrastructure Orchestration

Phantom - Winner

Best Server Security Solution

BlueRidge - Winner


2016

Indegy

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Industrial Cybersecurity Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Indegy has developed a cyber security platform that

protects Industrial Control Systems (ICS)/ SCADA used

in critical infrastructures (energy, water utilities, petrochemical

plants, manufacturing facilities, etc.) by providing

comprehensive visibility into the control-plane

engineering activities of Operational Technology (OT)

networks.

By detecting unauthorized access and logic changes

made to process controllers like PLCs, RTUs and DCS

that are used to manage the lifecycle of industrial processes,

Indegy identifies threats that place the safety,

reliability and security of ICS systems at risk. Indegy provides

advanced protection against cyber attacks, insider

threats and human error.

Contrary to popular belief, it is not difficult to attack

ICS networks. Any second year engineering student with

a basic understanding of industrial control systems has

the requisite knowledge.

However, while easy to attack, ICS networks are

12

difficult to defend. First, ICS networks are inherently

different than IT environments. They were designed

and implemented decades ago, before the cyber threat

existed, and therefore lack basic security mechanisms

found in IT networks, such as authentication, encryption

or logging capabilities. Many are poorly protected

by “Air Gaps”, which are meaningless in today’s Internetconnected

environments.

Second, ICS devices and applications are rarely

patched due to concerns over stability, disruptions and

production downtime.

Third, the communications in ICS networks are very

different that those in IT networks. While application

data and physical measurements are communicated

over known and standardized industrial protocols like

MODBUS, PROFINET, DNP3 and others, engineering

activities used for programing PLCs, RTUs and DCSs are

carried over proprietary, vendor-specific, and largely

undocumented protocols. This includes all controller

logic updates, configuration changes and firmware

uploads/downloads, use vendor-specific protocols. If we

would compare it to IT networks, these activities would

be called privileged activities. Only that in ICS networks

there are no controls to restrict these activities to privileged

users or monitor them.

Current IT cyber security solutions do not have the

appropriate technology to monitor these proprietary

vendor specific protocols and the engineering activities

that can indicate cyber attacks, identify malicious insiders

or detect human error.

The Indegy Industrial Cyber Security Platform is natively

designed for ICS networks and is the only cyber

security platform capable of providing comprehensive

visibility into the control-plane engineering activities of

OT networks, covering both network activity and direct

physical access to critical assets. As a result of extensive

research by Indegy’s R&D labs, the depth of the

platform’s deep packet inspection (DPI) engine and its

ability to parse in real-time all engineering-level activi-

Continued on next page

13

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://www.indegy.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

A short video depicting the technology:

https://www.youtube.com/watch?v=xsK-1XnUVr4

“Attacks on industrial control and supervisory control and data

acquisition (SCADA) systems is a continuing problem hanging

over critical infrastructure like power grids and water supplies.

Its appliances protect deployed SCADA devices that may be too

numerous to replace with more secure ones. By monitoring to

find alterations in the control planes of SCADA devices Indegy

can discover potential changes to their programmable logic

controllers that may indicate attacks. This can help discover

threats before they are carried out to older systems lacking

defenses.” – Tim Greene, Senior Editor, Network World

http://www.networkworld.com/article/3080097/security/hot-security-startups-to-watch.html

In Dark Reading, Indegy CEO Barak Perelman explains the

threats to critical infrastructure, “And Now, A Cyber Arms Race

Towards Critical Infrastructure Attacks”

http://www.darkreading.com/attacks-breaches/andnow-a-cyber-arms-race-towards-critical-infrastructure-attacks/a/d-id/1323225?

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Marc Gendron, President

Marc Gendron Public Relations

office: 781-237-0341

cell: 617-877-7480

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

marc@mgpr.net

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Marc Gendron Public Relations

190 Lower County Road

W. Harwich, MA 02671


ties carried over proprietary control-plane protocols

is unavailable from any other industrial cyber security

solution on the market.

Indegy monitors all ICS network activity with a

unique focus on proprietary control-plane protocols,

and provides critical real-time visibility into controller

logic changes, configuration changes, firmware uploads

and downloads and controller state. The Indegy platform

enables ICS engineers and security staff to quickly

pinpoint the source of problems with details about the

who, what, when, where and how. It enable effective

response to incidents before damage occurs and minimizes

operational disruptions.

Further, the Indegy platform’s ability to automatically

detect assets in the ICS network and capture a full image

of those devices enables it not only to monitor their

integrity but also supports backup and recovery, allowing

security staff to quickly restore problematic devices

and shorten recovery time. The Indegy industrial cyber

security platform is non-intrusive, agentless, and its DPI

captures all proprietary, vendor specific control-plane

activity, including access to controllers (PLCs, RTUS,

DCSs) or changes in controller state, logic, configuration

settings, firmware uploads/downloads, etc. To eliminate

cyber security blind spots, Indegy detects all ICS

changes, regardless of whether they are performed over

the network or directly on the physical devices.

The Indegy platform generates policy-based real-time

security alerts that allow ICS engineers and security staff

to quickly pinpoint the source of problems and effectively

respond to prevent operational disruptions and

physical damage that could occur from cyber attacks, insider

threats and human error. Indegy includes built-in

applications for automated asset management, configuration

control, policy enforcement, risk analysis.

For the first time in industrial networks, Indegy provides

OT administrators with a long-desired, comprehensive

audit trail. The platform automatically discovers

all controllers and devices on ICS networks and

routinely validates their integrity ensuring no logic,

firmware version and configuration to identify any

unauthorized or unintended changes take place. It is

delivered as a turn-key network appliance, and supports

seamless integration with third party software

including SIEM, configuration management databases

(CMDB) and other applications through an easy to use

RESTFul API.

Indegy combines a unique mix of cyber-security

expertise with hands-on industrial control knowledge.

The company’s leadership and R&D team consists of

veterans from the Talpiot military academic program

and the elite 8200 intelligence unit of the Israel Defence

Forces. This background and expertise is the

foundation on which Indegy delivers cutting edge

technologies for securing ICS environments.

Indegy announced the general availability of its

industrial cyber security platform in February 2016.

It currently has customers in the US, Europe and

Israel (where its R&D lab is based) and the product is

deployed in live production environments. Indegy’s

customers include a number of critical infrastructure

utilities (power, gas, water), a global pharmaceutical

firm, a petrochemical plant, a Fortune 50 technology

manufacturer, and more.

Indeg y has already received several awards:

• Best Next Gen ICS/SCADA Security Solution

from Cyber Defense Magazine

2016 TiE50 Winner, one of the 10 Most

Promising Cyber Security Startups by

Forbes Israel

• Network World Hot Security Startup to Watch

14 15


2016

Beyond Trust

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Privileged Access Management Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Retina CS Enterprise Vulnerability Management

With its actionable reporting capabilities, advanced

threat analytics, centralized data warehouse, zero-gap

coverage, and tight integrations with 3rd party solutions,

Retina’s results-driven architecture works with

government users to proactively discover what’s connected

to their networks, put context around what

systems and applications are most at risk, streamline

remediation, track threats over time, and communicate

progress to various stakeholders across their agencies.

The following is just a sample of the key capabilities

offered by Retina CS:

Threat and Behavioral Analytics:

• Correlates privilege, vulnerability and threat data

from a variety of BeyondTrust and third-party

solutions

• Aggregate users and asset data to centrally base

line and track behavior

• Assign threat levels to events from various

BeyondTrust and 3rd party data sources, based on

scoring, malware, exploit research, exploit data

bases, exploitability indices, CVSS, and more

• Measure the velocity of asset changes to flag

in-progress threats

• Isolate users and assets exhibiting deviant

behavior and report on outliers and risks

Actionable Reporting:

• Over 270 standard reports and pivot grid

capabilities for custom reports

• Maps vulnerabilities and misconfigurations to

DISA Gold Disk, FDCC, NIST, USGCB, and many

more regulatory frameworks

• Risk Matrices and Heat Maps pinpoint vulnerabili

ties with known exploits in the wild

• Threat Analyzers measure remediation results

before you do the work

• Vulnerability and Compliance Scorecards and

SLAs measure remediation and mitigation

response times in the context of business risk

BeyondInsight Risk Management Platform:

• Reporting and analytics engine for Retina CS,

provides a single, contextual lens through which

to view user and asset risk

• Group, assess, & report on assets by OS, domain,

applications, function, vulnerabilities, and more

• Built-in workflow, ticketing, and notification

• Dozens of certified integrations with SIEM,

GRC, NMS solutions, and more

• Correlates McAfee, Qualys, Rapid7,

Tenable, and Tripwire vulnerability

scan data

Vulnerability and Privilege Integration:

• Control application access based on its

known vulnerabilities, as well as their age,

potential risk, and impact on regulatory

compliance

• Use application usage information to help

prioritize which vulnerabilities to focus on

Vulnerability Assessment:

• Smart Credentials automatically scan targets using

the highest level privilege credentials

• Host-Based scanning closes security gaps

created by cloud and virtual environments, and

mobile devices

• Cloud/Virtual scanning of Amazon, Azure,

Hyper-V, VMware, and more.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.beyondtrust.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

ttps://www.beyondtrust.com/wp-content/uploads/

ds-retina-cs.pdf?1453837501

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Mike Bradshaw, Partner

Connect Marketing

office: 801-373-7888

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Connect Marketing

881 W. State Street

Pleasant Grove, UT 84062

BeyondTrust is proud of the fact that hundreds

of U.S. Federal departments and agencies rely daily

on Retina CS and are honored to have been selected by

the Department of Homeland Security CDM program as

its Vulnerability Management solution. BeyondTrust’s

commitment to serving the U.S. government, and

government-related organizations, starts with its compliance

support for strategic cybersecurity mandates such

as FISMA, CSIP, and the DoD Cybersecurity Culture and

Compliance Initiative. This also includes the continuous

monitoring and command and control capabilities made

possible by Retina CS and its BeyondInsight platform,

delivering unsurpassed analytics and intelligence to its

end users.

16 17


2016

Phantom

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Security Infrastructure Orchestration

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Recent research shows cyber teams struggle to identify

and manage security alerts where remediation times

may require hours of analysts’ time on teams already

strapped for talent and resources.

Organizations like the Department of Homeland Security

and NSA talk of environments with security traffic

exceeding 1 billion alerts per day - even after reducing

the load to 1 million alerts per day with correlation and

other tools, more than 20,000 human analysts would be

needed to respond.

Automation and orchestration solutions for incident

response and threat defense operations are quickly

emerging as “must have” technologies to increase

response effectiveness, reduce costs, and ultimately

achieve cyber resiliency.

Phantom, the first company to provide an open, extensible,

and community-powered security automation

and orchestration platform, has extended its lead since

entering the market and being named RSA Conference

2016’s Most Innovative Startup earlier this year.

The Phantom platform executes digital playbooks

to automate and orchestrate the security technologies

organizations already have in place. This layer of “connective

tissue” allows users to achieve in seconds what

would normally take hours to accomplish with the

dozens of independent point products in their environment.

As further validation of Phantom’s leadership, In-Q-

Tel made a strategic investment earlier this year, and

SINET tapped Phantom as one of the most innovative

security technologies for 2016.

Phantom is actively involved in the Federal research

community with projects like Integrated Adaptive Cyber

Defense (IACD) along with the Department of Homeland

Security (DHS), the National Security Agency’s Information

Assurance Directorate (NSA/IAD), and Johns

Hopkins University Applied Physics Lab (JHU/APL).

IACD is a project intended to “radically shift the mentality

and status quo in cyber defense to secure integration

and automation to enable faster response times and

increase community prevention.”

Phantom also participates in the OpenC2 Forum

chaired by the NSA, which is a group working to develop

a reference architecture that addresses issues pertaining

to security automation command and control.

Booz Allen Hamilton and Phantom have formed a

strategic alliance, fusing Booz Allen’s decades of mission

intelligence and deep expertise architecting and implementing

cyber solutions, with Phantom’s leading security

automation and orchestration technology platform.

Booz Allen delivers its significant cyber knowledge

and proven security operations plans by crafting automation

playbooks for use on Phantom’s platform, incorporating

best practices in Cyber Threat Intelligence,

Incident Response, and Security Operations. These playbooks,

which codify security and business processes,

help leaders break down common organizational siloes

that inhibit collaboration and prevent rapid containment

and resolution of cyber events. The playbooks are

based on Booz Allen’s expertise and decades of defense

and intelligence work with the federal government.

In sum, Phantom is solving one of the biggest challenges

facing the security community today and has

been recognized for leadership and innovation in this

emerging market on several occasions. Their commitment

to federal cybersecurity community though

projects like the IACD and OpenC2 Forum, plus their

partnership with leading firms like Booz Allen Hamilton,

make Phantom an ideal choice for GSN’s Annual Homeland

Security Awards.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.phantom.us/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Booz Allen & Phantom Strategic Partnership Announcement:

http://www.boozallen.com/media-center/pressreleases/2016/10/automation-enables-cyber-threatmitigationat-machine-speed--pro

SINET Announces Phantom as One of Most Innovative Security

Technologies in 2016:

http://www.businesswire.com/news/

home/20160919006353/en/SINET-Announces-16-Innovative-Cybersecurity-Technologies-2016

In-Q-Tel Announces Strategic Investment in Phantom:

http://www.businesswire.com/news/

home/20160426005147/en

Phantom Named “RSA® Conference 2016’s Most Innovative

Startup:

http://www.businesswire.com/news/

home/20160301005926/en/Phantom-Named-

%E2%80%9CRSA%C2%AEConference-

2016%E2%80%99s-Innovative-Startup%E2%80%9D

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Manpreet Mattu, Director Strategic Ventures

Booz Allen Hamilton

office: 732-718-9812

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Booz Allen Hamilton

8283 Greensboro Dr.

McLean, VA 22102

18 19


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Centrify Corporation

2016 Winner

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Identity Management Platform

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

The Centrify Identity Platform protects against the

leading point of attack used in data breaches — compromised

credentials — by securing an organization’s

internal and external users as well as its privileged accounts.

Centrify delivers stronger security, continuous

compliance and enhanced user productivity through

single sign-on, multi-factor authentication (MFA), mobile

and Mac management, privileged access security and

session monitoring.

Centrify offers derived credential authentication

support for secure mobile access to apps, websites and

services that require smart card authentication, opening

the door to full mobility for state and federal government.

Derived credentials allow common access card

(CAC) and personal identity verification (PIV) based

authentication via mobile devices, without requiring

cumbersome, dedicated smart card readers.

Centrify also helps federal organizations comply with

a myriad of regulations. Centrify provides demonstrable

compliance to Federal Information Security Management

Act (FISMA) and best-practice guidance from

agencies such as the Office of Management and Budget

(OMB) and the National Institute of Standards and Technology

(NIST). Below is a list of the federal regulations

Centrify helps government agencies to address:

• FISMA

• HSPD-12

• NIST-800 Series

• OMB

• PCI-DSS

• HIPAA

• CDM

Additionally, Centrify leverages existing infrastructure to

centrally secure and audit heterogeneous systems and

applications. With a single point of administration

for accounts, access controls, privileges and policy for

systems and

workstations, IT managers can implement security

levels appropriate to their individual organization’s

needs and

more easily accomplish the reporting and auditing

tasks required for certification and accreditation of their

processes.

Below are some of the federal certifications and

accreditations Centrify helps government agencies to

address:

• Common Criteria-EAL2+

• SOC II

• FedRAMP

• FIPS-140-2

• DITSCAP

• NIACAP

• FDCC

• DIACAP

This entry deserves to win because Centrify’s platform

helps government organizations control, audit and

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.centrify.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Centrify Identity Platform:

https://www.centrify.com/why-centrify/centrify-identity-platform/

Centrify Solutions for Federal Regulatory Compliance:

https://www.centrify.com/solutions/federal-compliance/regulatory-compliance/

Centrify Solutions for Federal Certification and Accreditation:

https://www.centrify.com/solutions/federal-compliance/certifications/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Jenny Overell, Account Supervisor

Finn Partners

office: 415-249-6778

cell: 925-878-5655

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Finn Partners

101 Montgomery Street #1500

San Francisco, CA 94104

report on access to sensitive data while reducing complexity,

keeping users productive, and addressing the

specific requirements of key federal regulations. Centrify

has an extensive history of delivering data center, cloud

and mobile solutions for the federal market. Centrify is

trusted by over 100 top government agencies, including

the FDA, Raytheon, U.S. Army and U.S. Air Force.

20 21


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Centrify Corporation

2016 Finalist

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Privileged Access Management Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

With the constant forward progress of technology and

the major shift to cloud-based systems, government

agencies require a modern approach to managing and

securing privileged accounts. Centrify Privilege Service

(CPS) addresses increasingly hybrid IT environments

of on-premises and cloud-based systems, and closes today’s

growing gap in security, visibility and control over

privileged accounts. CPS provides security for modern

government agencies – where IT is increasingly outside

the firewall – with a secure cloud-based service that is

easy to implement and delivers quick ROI.

CPS is delivered as a modern, multi-tenant cloud

service, available in 15 languages from 10 data centers

across the world and with rich support for mobile

devices. CPS is built on the proven Centrify Identity

Platform, which powers the Centrify Identity Service,

the industry’s first entirely cloud-based solution for

integrated identity, mobility and Mac management. CPS

also complements and extends the broad set of capabili-

ties for identity consolidation, privilege management

and privileged session auditing found in the flagship

Centrify Server Suite by providing shared account

password management for servers, network devices and

Infrastructure-as-a-Service (IaaS).

With CPS, government agencies minimize risks associated

with privileged accounts – that are increasingly

the focus of hackers and malicious insiders – by enforcing

centralized control over who can access shared

credentials. And by leveraging privileged session monitoring

and access reporting, government agencies make

compliance efforts for privileged accounts efficient and

effective. Additionally, government agencies achieve a

future-proofed identity and access management strategy.

CPS offers numerous security capabilities for stakeholders

in the IT chain of command. Highlights include

the power to:

• Centrally manage emergency access to all servers

and network devices in break-glass scenarios

• Grant secure, cloud-based access for remote and

outsourced IT staff to servers and network

devices, without giving VPN access to the full

data center

• Secure access to on-premises servers, network

devices and Infrastructure-as-a-Service via bestin-class

resource management, shared password

management and privileged session monitoring

capabilities

This entry deserves to win because CPS is the most

comprehensive and tightly integrated privileged identity

management solution available today. It increases

security, simplifies compliance and spans both cloud

and data center infrastructure. CPS has also been wellreceived

and successfully deployed in numerous government

IT infrastructures. By utilizing a pay-as-you-go

cloud pricing model, CPS implementation

has resulted in dramatically

faster ROI than legacy

systems.

Centrify has an extensive history

of delivering data center,

cloud and mobile solutions for

the federal market. Centrify is

trusted by over 100 top government

agencies, including the

FDA, Raytheon, U.S. Army and

U.S. Air Force.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.centrify.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Centrify Privilege Service product overview:

https://www.centrify.com/products/privilege-service/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Elise Vue, Senior Account Executive

Finn Partners

office: (415) 249 -6767

cell: (415) 654-8753

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Finn Partners

101 Montgomery Street #1500

San Francisco, CA 94104

22 23


2016

illusive networks

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Endpoint Detection and Response Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

illusive networks’ premise is that “you cannot keep applying

the same approach hoping for a different result”.

It tackles cyber security from a different angle - the

perspective of the attackers. Focusing on the actors of

the attack, rather than just their instruments, it exploits

their vulnerabilities, changing the asymmetry of cyber

warfare.

illusive networks pioneered a new type of defensedeception

based cybersecurity. Its patent pending

Deceptions Everywhere ® technology is a deception

management system (DMS) that neutralizes targeted

attacks and Advanced Persistent Threats (APT). It distributes,

monitors and continuously manages deceptions by

weaving a deceptive layer over the entire network. This

means that every endpoint, server and network component

is coated with deceptions. The moment an attacker

penetrates the network, they are in an ‘illusive’ world

where all the data is unreliable.

Alternative ‘Solutions’

Before Deceptions Everywhere, enterprises were

relying on honeypot vendors. Honeypots have a low

detection rate, high level of false positives, are easily

traceable, hard to deploy and complicated to maintain.

They look for malware, but build passive honeypots that

the attackers may or may not stumble upon.

Illusive’s deceptions change dynamically over time

and best fit the environment. Highly dynamic, scalable

and effective, illusive differs from its competitors:

• identifies and visualizes attack risks before the

attack takes place

• visualizes where deceptions are deployed across

the network

• visualizes incident alert location on a map which

draws an entire attack campaign,

• DMS is self contained and does not rely on any

external tools

Deceptions Everywhere technolog y includes:

Attacker View - IT security professionals view their

network from an attacker’s perspective, visualizing

attack paths. Unlike mapping software, it shows attack

vectors found on each machine, and how attackers can

navigate the network to reach critical assets, allowing

security strategies to be adapted to mitigate against attacks.

Advanced Ransomware Guard - Automatically blocks

the ransomware operation at the source hosts, alerts the

defenders and also diverts it to encrypt phony or false

targets. Once ransomware attempts to access a network

or move laterally towards strategic assets, it immediately

detects the specific action, neutralizing the attack immediately

and automatically.

Wire Transfer Guard - The first cyber-deceptiondedicated

solution built to protect financial networks.

It effectively detects, reports on and mitigates targeted

attacks that pose high risk of financial and strategic damage

to financial institutions globally.

Additional benefits:

No more ‘false positive’ alerts - attackers act on false

information, are instantly detected.

Real-time forensics - Actionable breach report provides

real-time forensic information needed to contain

an attack “in its tracks”.

Low total cost of ownership - Users are not aware of

deceptions that are deployed and managed in an agentless,

low-fingerprint manner.

Conclusion

Deceptions Everywhere has detected many advanced

attackers as they tried to move laterally during an APT or

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.illusivenetworks.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

illusive networks recently released the first cyber deception

technology to protect wire transfer networks in financial

institutions. Wire Transfer Guard detects, reports and mitigates

targeted attacks that pose high risk of financial and strategic

damage to financial institutions worldwide.

https://www.illusivenetworks.com/press-releases/

illusive-networks-wire-transfer-guard-first-cyberdeception-technology-protecting-wire-transferbanking-networks-against-advanced-attacks-nowavailable

More information on illusive networks:

https://www.illusivenetworks.com/media-kit

Description:

http://www.

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Shlomo Touboul, CEO

illusive networks

office: Israel: + 972-54-4227780

U.S. cell: 1-248-797-1414

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

illusive networks

7 Tozeret Haaretz St., Tel Aviv, Israel 6789104

and

25 West 36th Street, 11th Floor, New York, NY 10018

Ransomware attack, thereby saving the customers

great losses. The attacker view also showed all the possible

attack vectors - including numerous attack paths

that were hidden to the client - allowing customers to

mitigate immediate risks, demonstrating real return on

investment.

24 25


2016

Wombat Security Technologies

2016 Finalist

Solution: CyberStrength Assessment Tool

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Compliance/Vulnerability Assessment Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Wombat is dedicated to creating the tools businesses

need to educate their employees on best security

practices. CyberStrength is one of these tools. It was

launched in 2013 and has since revolutionized the

concept of employee knowledge assessments, giving

breadth and depth to all areas of a security training program.

The scenario-based CyberStrength format offers a

less invasive way to evaluate knowledge levels and use

that information to plan a cybersecurity education plan

that will be the most effective at managing end-user risk.

CyberStrength is part of the Assess component of

Wombat’s Continuous Training Methodology. Organizations

that have used this cyclical, ongoing approach to

security awareness and training have realized up to a

90% reduction in successful external phishing attacks

and malware infections. Moreover, CyberStrength offers

a library of more than 150 questions in ten categories.

International organizations are able to use translated

content to evaluate employees in their native languages,

and administrators can create custom questions to

assess knowledge of company policies or compliancerelated

issues. In addition, Wombat developed seven

Predefined CyberStrength options to help administrators

streamline the evaluation process. Additionally,

security professionals can automatically assign follow-up

training for end users whose assessment results show a

gap in understanding that could equate to an increased

risk to organizational security.

CyberStrength is the first tool of its kind. It enables

businesses to create, administer, and analyze the results

of organization-wide cybersecurity knowledge evaluations.

Furthermore, its ability to identify areas of susceptibility

beyond phishing attacks supports Wombat’s

vision of an end-to-end security solution.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.wombatsecurity.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

https://www.wombatsecurity.com/security-education/security-awareness-knowledge-assessment

YouTube video:

https://www.youtube.com/watch?v=jBnzLGupBG8

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Dasha (Daria) Ivanova, Account Coordinator

SHIFT Communications

office: 512-792-2543

cell: 713-705-0158

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

SHIFT Communications

200 E 6th Street, #202

Austin, TX 78701

26 27


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Wombat Security Technologies

2016 Winner

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Email Security and Integrity Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Solution: PhishAlarm Analyzer (software companion

to PhishAlarm, an email analysis tool developed by

Wombat Security Technologies)

Launched in February 2016 and generally available

since July, PhishAlarm Analyzer is a software-based

phishing threat analysis tool that uses machine learning

to identify and prioritize reported phishing emails for

incident response teams. It is a companion to Wombat’s

PhishAlarm email reporting button, which is a component

of the company’s ThreatSim simulated phishing

assessment tool.

One of the main advantages of this tool is the ability

to apply machine learning techniques to identify

potential threats and prioritize reported messages

accordingly. Its rapid identification and categorization

of suspicious messages allows info security officers and

security response teams to isolate and address phishing

emails that have slipped past email filters, including

zero-hour attacks. Another advantage of the tool is the

ability to scan each reported email and establish risk levels

based on data gathered from real-world phishing and

spear phishing attacks. In contrast, competing solutions

of this type only consider an end users’ ‘trustworthiness’

and ‘accuracy’ in identifying threats, an approach

that negatively impacts the reliability of results given it

can take months or even years to precisely judge users’

reporting abilities.

PhishAlarm Analyzer helps businesses educate their

employees on best security practices. Key benefits

include rapid scanning, consolidation of email notifications,

multiple implementation options, easy-to-use

references, and targeted routing of reports. PhishAlarm

Analyzer does more than just rank emails and alert response

teams. It also provides an HTML research report

with each categorized message, alerting designated staff

to the sources of the IOCs that are present in the email.

This saves considerable time and effort, and allows security

teams to more effectively manage their resources

and target the most credible and imminent threats

within their email systems.

PhishAlarm Analyzer is a prime example of the advantages

of Wombat’s unique Continuous Training Methodology

allowing infosec officers and security response

teams to isolate and address phishing emails that have

slipped past email filters or unaware end users, including

zero-hour attacks.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.wombatsecurity.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Overview of the product (Blog Post):

https://info.wombatsecurity.com/blog/phishalarmanalyzer-prioritizes-reported-emails-for-faster-remediation

https://www.wombatsecurity.com/security-education/phishalarm-and-analyzer

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Dasha (Daria) Ivanova, Account Coordinator

SHIFT Communications

office: 512-792-2543

cell: 713-705-0158

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

SHIFT Communications

200 E 6th Street, #202

Austin, TX 78701

28 29


2016

HID Global

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

www.hidglobal.com

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Andrea Lloyd, Manager, Corporate Communications

HID Global

office: +1 512 776 9233

cell: +1 512 965 2341

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

alloyd@hidglobal.com

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Identity Management Platform

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

HID Global is the first to enable end-to-end identity access

management solution across both physical and IT

resources. The HID PIV (Personal Identity Verification)

solutions span the full range of identity proofing and

lifecycle management capabilities to establish, create,

use, and manage a secure credential with a simplified

path to compliance. HID PIV leverages the same government-strength

security standards that have already been

deployed to more than seven million people across

the world. Organizations benefit from the ecosystem

created by this large footprint, with many applications,

operating systems, and devices natively supporting PIV

credentials.

This one of a kind solution provides governments

and regulated industries an easy to deploy, multi-factor

authentication solution. It secures access to networks,

cloud applications and facilities to prevent breaches and

achieve compliance with PIV, PIV-I, NIST Level of Assurance

4 (LoA4) and equivalent mandates, policies and

guidelines.

Benefits:

• Comprehensive Security and Trust – HID PIV

leverages existing standards and extends it to

facilities access, systems, networks, and

applications resulting in a better security position.

• Simplified User Experience – By incorporating

more capabilities into a single smart card or USB,

users have fewer credentials to remember in order

to get access to what they need to do their jobs,

and are less likely to circumvent your controls.

• Easier Deployment and Management – The

components of HID PIV are designed to work

seamlessly together, so it is faster to get up and

running, and easier to manage over time.

• A Complete System – HID PIV delivers the

entire PIV management process from establishing

identity, to credential creation and issuance,

synchronization of connected systems, and

credential revocation.

HID PIV is available in two options – Enterprise and

Express, which includes the following:

• Flexible identity proofing up to NIST Identity

Assurance Level 3 requirements

• ActivID ® Credential Management System (CMS)

for secure management of credential deployment.

• Smart cards and USB dongles supporting up to

NIST Authenticator Level 3; proximity, iCLASS and

Seos ® combo credential technologies; and ActivID

CMS applets

• Credentials support one time passwords (OTPs),

biometrics data and HID’s IdenTrust digital

certificates used by the US Federal Government

HID PIV Enterprise also includes the company’s Quantum

Secure SAFE platform, a Physical Identity and

Access Management (PIAM) software solution that

provides the bridge between physical and IT security

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

HID Global

611 Center Ridge Drive

Austin, TX 78753

systems. The SAFE Platform augments HID PIV Enterprise

with a variety of convenient, unified access control

capabilities that deliver a more comprehensive view

across otherwise disparate physical access control and

visitor, tenant and contractor management systems,

while also providing valuable reporting and predictive

risk analytics capabilities.

For maximum ease of procurement, deployment

and maintenance, customers can take advantage of the

full HID solution or leverage existing third party components

to maximize existing investments. The HID

PIV solution helps organizations improve their security

posture, comply with mandates, improve the user experience

and is easier to procure, deploy and maintain.

30 31


2016

Identiv

2016 Finalist

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best User & Entity Behavior Analytics (UEBA) Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Federal agencies are feeling pressured to adopt government-wide

Federal Identity, Credential, and Access

Management (FICAM) compliant physical access control

systems (PACS). Identiv’s Hirsch government FICAM

solution offers a true end-to-end HSPD-12 solution that

eliminates the need for expensive third-party credential

management hardware. The net benefit is an overall solution

that is more secure, faster, and less expensive to

deploy and authorize access than first-generation FICAM

solutions.

Identiv’s Hirsch Velocity Certificate Service is compatible

with existing Velocity systems running Velocity 3.6

after application of a feature pack. All existing systems

have the ability to be upgraded through software updates.

Identiv’s Professional Services Group (PSG) can

also provide transition planning support to upgrade

existing systems. FISMA, COOP, and enterprise PACS

solutions are also available.

Identiv’s Secure Network Interface Board 3 (SNIB3)

is an expansion component update for Hirsch Mx and

DIGI*TRAC Controllers. It is a sophisticated, secure

communication device that has dedicated processors to

efficiently handle encryption and management operations.

SNIB3 is used to manage PKI certificate data for

door access as provisioned by Velocity. Using FIPS 140-2

certified encryption technology, SNIB3 serves as the

communication hub from controller to Velocity using a

secure TCP/IP protocol.

Identiv’s RS485 Reader Expansion Board (RREB)

is a unique reader communication device that installs

onto the expansion cable of Hirsch Mx and DIGI*TRAC

Controllers and features eight RS-485 communication

ports, capable of supporting 16 readers on eight doors.

The RREB makes it possible to have extremely high data

rates with up to 16 PIV smart card readers while using

Open Supervised Device Protocol (OSDP).

Identiv’s uTrust TS Government Readers are the industry’s

most flexible and secure intelligent door reader

endpoints, enabling agencies to deploy a highly secure

U.S. government FICAM CAK at a fraction of the cost

of competing solutions. ScramblePad and static keypad

models are available. The readers have RS-485 and

Wiegand connections, support PoE power, and can be

configured to support thousands of different card technologies.

Existing uTrust TS Government Readers are

flash upgradeable to enable the FICAM solution without

needing to replace current readers.

In summary, Identiv’s FICAM solution is faster and

less expensive. It provides customers a low-cost, simple

to deploy, secure solution for FICAM compliance. The

time required to upgrade existing Hirsch Velocity PACS

is significantly less than competitor’s solutions, allowing

federal agencies to meet rapidly approaching compliance

deadlines. The time and cost to deploy new systems

or transition from another system is offered at the

same extreme value as other Hirsch solutions.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

identiv.com

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Identiv’s End-to-End Federal Identity, Credential, and Access

Management (FICAM) Solution was developed to implement

a simple, affordable FICAM-compliant solution simply with

optimal performance:

identiv.com/ficam

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Anja Pellegrino, Sr. Content Manager

Identiv

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

apellegrino@identiv.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Identiv Federal Headquarters

2425 Wilson Blvd., Suite 325

Arlington, VA 22201

32 33


2016

Identiv

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Physical/Logical Privileged Access Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Federal agencies are feeling pressured to adopt government-wide

Federal Identity, Credential, and Access

Management (FICAM) compliant physical access control

systems (PACS). Identiv’s Hirsch government FICAM

solution offers a true end-to-end HSPD-12 solution that

eliminates the need for expensive third-party credential

management hardware. The net benefit is an overall solution

that is more secure, faster, and less expensive to

deploy and authorize access than first-generation FICAM

solutions.

Identiv’s Hirsch Velocity Certificate Service is compatible

with existing Velocity systems running Velocity 3.6

after application of a feature pack. All existing systems

have the ability to be upgraded through software updates.

Identiv’s Professional Services Group (PSG) can

also provide transition planning support to upgrade

existing systems. FISMA, COOP, and enterprise PACS

solutions are also available.

Identiv’s Secure Network Interface Board 3 (SNIB3)

is an expansion component update for Hirsch Mx and

DIGI*TRAC Controllers. It is a sophisticated, secure

communication device that has dedicated processors to

efficiently handle encryption and management operations.

SNIB3 is used to manage PKI certificate data for

door access as provisioned by Velocity. Using FIPS 140-2

certified encryption technology, SNIB3 serves as the

communication hub from controller to Velocity using a

secure TCP/IP protocol.

Identiv’s RS485 Reader Expansion Board (RREB)

is a unique reader communication device that installs

onto the expansion cable of Hirsch Mx and DIGI*TRAC

Controllers and features eight RS-485 communication

ports, capable of supporting 16 readers on eight doors.

The RREB makes it possible to have extremely high data

rates with up to 16 PIV smart card readers while using

Open Supervised Device Protocol (OSDP).

Identiv’s uTrust TS Government Readers are the industry’s

most flexible and secure intelligent door reader

endpoints, enabling agencies to deploy a highly secure

U.S. government FICAM CAK at a fraction of the cost

of competing solutions. ScramblePad and static keypad

models are available. The readers have RS-485 and

Wiegand connections, support PoE power, and can be

configured to support thousands of different card technologies.

Existing uTrust TS Government Readers are

flash upgradeable to enable the FICAM solution without

needing to replace current readers.

In summary, Identiv’s FICAM solution is faster and

less expensive. It provides customers a low-cost, simple

to deploy, secure solution for FICAM compliance. The

time required to upgrade existing Hirsch Velocity PACS

is significantly less than competitor’s solutions, allowing

federal agencies to meet rapidly approaching compliance

deadlines. The time and cost to deploy new systems

or transition from another system is offered at the

same extreme value as other Hirsch solutions.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

identiv.com

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Identiv’s End-to-End Federal Identity, Credential, and Access

Management (FICAM) Solution was developed to implement

a simple, affordable FICAM-compliant solution simply with

optimal performance:

identiv.com/ficam

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Anja Pellegrino, Sr. Content Manager

Identiv

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

apellegrino@identiv.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Identiv Federal Headquarters

2425 Wilson Blvd., Suite 325

Arlington, VA 22201

34 35


2016

Wombat Security Technologies

2016 Finalist

CyberStrength Assessment Tool

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Compliance/Vulnerability Assessment Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Wombat is dedicated to creating the tools businesses

need to educate their employees on best security

practices. CyberStrength is one of these tools. It was

launched in 2013 and has since revolutionized the

concept of employee knowledge assessments, giving

breadth and depth to all areas of a security training program.

The scenario-based CyberStrength format offers a

less invasive way to evaluate knowledge levels and use

that information to plan a cybersecurity education plan

that will be the most effective at managing end-user risk.

CyberStrength is part of the Assess component of

Wombat’s Continuous Training Methodology. Organizations

that have used this cyclical, ongoing approach to

security awareness and training have realized up to a

90% reduction in successful external phishing attacks

and malware infections. Moreover, CyberStrength offers

a library of more than 150 questions in ten categories.

International organizations are able to use translated

content to evaluate employees in their native languages,

and administrators can create custom questions to

assess knowledge of company policies or compliancerelated

issues. In addition, Wombat developed seven

Predefined CyberStrength options to help administrators

streamline the evaluation process. Additionally,

security professionals can automatically assign follow-up

training for end users whose assessment results show a

gap in understanding that could equate to an increased

risk to organizational security.

CyberStrength is the first tool of its kind. It enables

businesses to create, administer, and analyze the results

of organization-wide cybersecurity knowledge evaluations.

Furthermore, its ability to identify areas of susceptibility

beyond phishing attacks supports Wombat’s

vision of an end-to-end security solution.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.wombatsecurity.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

https://www.wombatsecurity.com/security-education/security-awareness-knowledge-assessment

YouTube video:

https://www.youtube.com/watch?v=jBnzLGupBG8

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Daria Ivanova, Account Coordinator

SHIFT Communications

office: 512-792-2543

cell: 713-705-0158

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

divanova@shiftcomm.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

SHIFT Communications

200 E 6th Street, #202

Austin, TX 78701

36 37


2016

Forcepoint

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Network Security/Enterprise Firewall

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Forcepoint Stonesoft ® Next Generation Firewall

Forcepoint’s network security solution Stonesoft® Next

Generation Firewall (NGFW) connects and secures distributed

government agency offices, branches and cloud

systems with the industry’s greatest ease, efficiency, and

reliability.

Stonesoft is designed for government agencies from

the ground up to enable interoperability between multiple

organizations to securely connect people and data

everywhere the mission takes them – from inside headquarters

out to the field and up to the cloud.

With Stonesoft, agencies centrally deploy, monitor

and update thousands of firewalls and intrusion prevention

systems to dramatically reduce administrative

burdens and costs. Stonesoft’s unique high-availability

architecture and Smart Policy system is scalable and

resilient at all levels, practically eliminating downtime

while boosting performance.

Most of all, Forcepoint excels at both networking and

security. As the industry’s pioneer in Advanced Evasion

Technique (AET) defenses and proxy technologies for

mission-critical applications, we’re relied upon to protect

many of the most sensitive networks and data.

Stonesoft delivers superior networking and security,

so agencies can be more:

• Effective – The Stonesoft Security Management

Center (SMC) slashes the complexity and costs of

creating and managing networks of thousands of

NGFWs and IPSs – from central command centers

out to remote locations and up into the cloud.

• Efficient – Our high-availability architecture is

unmatched, providing more scalability, longer

lifetime, and lower OpEx while eliminating

downtime.

• Secure – We excel at both networking and security

and our proxy technology protects the most sensitive

networks in the world.

In November of 2016, NSS Labs gave Stonesoft their

highest Next-Generation Firewall (NGFW) rating

“Recommended” four years in a row and also a “Recommended”

rating for Next-Generation Intrusion Prevention

System (NGIPS) in 2016, with a perfect record of

blocking advanced evasions.

Productivity in a government environment comes

from visibility through correlation, extremely detailed

overviews and reporting capabilities. Stonesoft not only

manages and correlates engine traffic and feeds, it monitors

third party devices, and integrates with endpoint

client agents. This ensures a full picture of point-topoint

analytics for an agency’s network security environment.

Stonesoft’s mission critical features include:

• Robust Security – Enable 16 node active-active

firewall clustering to further increase uptime and

speeds and feeds on daily traffic and VPNs, while

ensuring smart validity checks to administrative

changes.

• Unique Proxy Functionality – Within the Stonesoft

Management Console (SMS) leverage advanced

levels of inspection control with attributes,

connection parameters and commands for specific

proxies.

• Plug-and-Play Deployment – Deploy Stonesoft

NGFW instantly at remote sites without sending a

technician and without shutting down missioncritical

networks affecting national security.

• Simple, Precise Firewall Policies – Avoid errors and

security holes with Smart Policies that are easy to

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.forcepoint.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Forcepoint Stonesoft ® NGFW: Optimize and scale network

security:

https://www.forcepoint.com/product/network-security/forcepoint-stonesoft-next-generation-firewall

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Jeff Hunter, Federal Product Marketing Manager

Forcepoint

office: 1-703-537-3969

cell: 1-703-989-1686

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

jeff.hunter@forcepoint.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Forcepoint

12950 Worldgate Dr., Ste. 600

Herndon, VA 20170

comprehend and more efficient to maintain.

• Update Without Service Windows – Push new

policies and updates without downtime for the most

critical networks.

• Unmatched Security – Stonesoft is the only security

solution to protect against highly sophisticated and

dynamic AETs for the most mission-critical

applications.

• Dynamic Agility – Use the same software for a

variety of protection roles.

Stonesoft is the premier solution for government agencies

looking for the highest level of network security in

complex and mission-critical environments.

38 39


2016

Waratek

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Application Security Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

The majority of government agencies still run customdeveloped,

mission critical applications on out-of-date

versions of Java. Most of these applications cannot be

taken offline to install updates, and the quarterly frequency

of critical patch updates overwhelms IT staff.

Waratek has developed a disruptive new approach by

virtualization-based to application security called Runtime

Application Self Protection (RASP). This approach

makes enterprise applications self-protecting by providing

transparent, secure RASP containers for web applications

deployed in on-premises datacenters and cloud

environments, protecting new and legacy applications

without the need to make any code changes or impacting

application performance. Waratek delivers out of

the box protection for enterprise applications and data

from logic attacks like SQL Injection, network attacks,

unpatched vulnerabilities at runtime, and unknown

attacks.

Waratek monitors, detects and blocks threats from

within the Java Runtime Environment (i.e. JVM) in realtime,

to enable applications to self-protect from the inside

out. With Waratek, organizations gain visibility into

malicious activity, enforce security policies and virtually

patch vulnerabilities at runtime. The platform mitigates

against vulnerabilities in legacy application platforms,

third party and open source code, and effectively counters

“zero day” malware. Waratek automatically modernizes

any web application running on a legacy version of

Java by updating it with all the security and performance

improvements inherent to the Java 8 OS without changing

even one line of code or performing a restart.

Unlike other RASP solutions, Waratek uses a virtualization-based

approach to create secure containers for

protected applications. As a result, it does not require

any code changes, or hardware and does not impact the

performance of the application. With Waratek, all future

routine and emergency security patches can be applied

virtually without taking the application out of production.

Waratek’s unique virtualization-based approach

eliminates the need for enterprises to re-write or modify

their applications, which significantly reduces the cost

of ownership compared to traditional RASP products.

Meanwhile, Waratek protects up to 98 percent of an

application’s attack surface from known and unknown

vulnerabilities without generating false positives by

monitoring activity within the JVM in real-time. This

eliminates the constant tuning and rule-writing associated

with web application firewalls. In addition, Waratek

can virtually patch applications that cannot be patched

or taken out of production for patching, using its virtual

patching capabilities. These combined capabilities

significantly reduce total cost of ownership compared

to other web application security products. Finally,

since Waratek creates a secure container within the Java

Runtime Environment, it can protect an infinite number

of applications without introducing any scalability,

performance degradation, management or configuration

issues.

According to Gartner Inc.’s Top 10 Security Predictions

2016, by 2020, 40 percent of enterprises will

secure developed applications by adopting application

security self-testing, self-diagnosing and self-protection

technologies.

Gartner recommends companies adopt runtime application

self protection (RASP).

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

www.waratek.com

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

A short video depicting the technology:

https://youtu.be/z8PRaAE4Y9E?rel=0

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Marc Gendron, President

Marc Gendron Public Relations

office: 781-237-0341

cell: 617-877-7480

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

marc@mgpr.net

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Marc Gendron Public Relations

190 Lower County Road

West Harwich, MA 02671

• Most Valuable Product in Computer Technology

Review CTR MVP Awards 2015

• SIIA NextGen winner 2015

• SIIA CODiE finalist 2015

• Cyber Defense Magazine Infosec Leader 2015

• CRN Top 20 Coolest Cloud Security Vendors For

2016

Customer case examples:

The company has garnered recognition and awards, A Global Bank inventoried hundreds of internal applications,

and found a multitude of Java versions for which

including:

• Innovation Sandbox winner of Most Innovative quarterly releases of security vulnerabilities is commonplace.

A traditional upgrade or patching approach

Company, RSA Conference 2015

• CRN Top 20 Coolest Cloud Security Vendors For was unfeasible. Even if it were, it would have imposed

2016 Continued on next page

40 41


a huge cost and operational burden on the business,

while impacting the bank’s agility and customer responsiveness.

The Bank integrated Waratek’s security technology

into their application hosting platform. This resolved

the Java patching issue, as well as remediated other

issues such as SQL Injection attacks, in a manner that

is transparent to the applications. The net result was a

dramatic reduction and avoidance of security patching

costs, while improving security and preserving the agility

of the organization.

The centralized virtual patching capabilities provided

by Waratek across hundreds of applications eliminated

the need for the bank’s application development to

upgrade to new versions of Java along with the associated

testing and deployment activities. This saves time

and money, and reduces business impact by minimising

application downtime. It also enables the bank to

focus on improving its applications and infrastructure to

better serve customers and shareholders. With Waratek,

the bank has a solution to a difficult security problem

which significantly reduces its risk and exposure to data

breaches.

42 43


2016

Claroty

2016 Finalist

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Industrial Cybersecurity Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Claroty exited stealth mode at the right time, with the

right team and the right technology to leverage the

burgeoning, yet underserved market for Operational

Technology (OT) security – a market Gartner predicts

will double by 2020.

Vendors have attempted to tackle industrial control

system (ICS) cybersecurity challenges twice previously:

first with legacy IT security products, and then with IT

point solutions retrofitted for ICS environments. Neither

approach addressed core ICS cybersecurity issues;

did not work in the very different ICS environment; and

did not foster the necessary dialogue between OT and

IT teams that is essential for effective OT security. Everything

about OT – from protocols to staff – is different

and requires technology specifically designed for that

environment. Claroty was founded not just to bridge the

gap between OT and IT, but with a mission to secure

and optimize the industrial control networks that run

the world.

Launching in September with $32 million in venture

capital, Claroty is the most substantially funded

ICS cybersecurity startup. The company boasts an elite

management team with deep experience in both IT and

OT disciplines. And the Claroty Platform – born from

this combined IT and OT expertise – is supported by

an unrivaled ICS security research organization that

comprises the “top 1% of the 1%” from a special Israeli

Defense Force cyberunit.

Purpose-built for OT environments, the Claroty

Platform is designed to safely monitor ICS, SCADA and

other critical networks. It uncovers previously hidden

issues and alerts cybersecurity teams and system operators

to malicious attacks and process integrity issues

that may impact industrial operations. Claroty generates

context-rich alerts, summarizing multiple associated

events into a single robust notification for rapid

investigation and response, and improved operational

resilience. The Platform’s other differentiating features

include: deeper visibility across all OT layers; broadest

protocol coverage; superior anomaly and change detection;

continuous, real-time monitoring; and safe, “passive”

deep packet inspection.

Notably, Claroty achieved several significant customer

milestones well before its September launch. Securing

multiple seven-figure deals, the Claroty Platform has

been implemented in complex enterprise-class networks

across dozens of industry verticals for more than a year.

Underscoring this early customer success, a CISO from

a global Fortune 100 organization explains his engagement

with Claroty: “We are using Claroty to add security

monitoring to our control systems around the world

– an important part of our business where security was

not previously thought of or architected in. We selected

Claroty to give us greater visibility into the shop floor

environment – both the assets that are there and the

activities taking place. Equipped with this additional

visibility we are able to increase productivity and make

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.claroty.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Claroty Solution Brief:

https://s3.amazonaws.com/claroty-public/Claroty_

Solution_Brief.pdf

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Carro Halpin, Account Executive

CHEN PR

office: 781-672-3132

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

chalpin@chenpr.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

CHEN PR

71 Summer Street, Penthouse

Boston, MA 02110

process improvements in addition to enhance security.”

Additionally, market research analysts are lauding

Claroty’s approach. In April, Gartner named Claroty

a “Cool Vendor” in the publication “Cool Vendors

in Smart City Application Solutions, 2016.” The firm

noted that what makes the company cool is the Claroty

Platform, “which detects suspicious and/or anomalous

system activity within industrial environments in realtime

for rapid mitigation, a requirement for most eventdriven

industrial systems.”

44 45


2016

CyberArk

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Continuous Monitoring and Mitigation Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Privileged account protection and threat detection are

at the center of many federal requirements designed to

secure agencies from both internal and external threats.

Third-party contractors, like Harold Martin and Edward

Snowden, add another significant layer of complexity.

Contractors are typically not controlled by an organization’s

internal policies, yet they often have the same – or

greater – levels of privileged access to internal networks

and information.

The CyberArk Privileged Account Security Solution

offers proactive protection of privileged credentials and

threat detection of privileged account activities, while also

enabling federal organizations to respond to advanced

threats. Proactive protection includes the secure storage

and management of privileged credentials, monitoring

and isolation of privileged account sessions, and the

enforcement of least privilege and application control at

the endpoint. The CyberArk solution also features targeted

analytics and the ability to analyze network traffic to better

detect indications of an attack early in the lifecycle, includ-

ing credential theft, lateral movement and privilege escalation.

Incident response teams use CyberArk to quickly

identify threats and shut down in-progress attacks.

Specifically, with its privileged threat analytics capabilities,

CyberArk enables government entities to dramatically

shorten an attacker’s window of opportunity and reduce

damage; rapidly detect attacks with analytics based on

built-in and continuously-updated algorithms; prioritize

incidents that require immediate attention by conducting

event correlation and raising the risk score on critical incidents;

adapt threat detection to a changing risk environment

with machine learning algorithms that continuously

adjust baseline behavior profiles as authorized behavior

changes over time; and automatically respond to a suspected

stolen privileged credential to stop an attacker’s

movement and accelerate remediation.

With its privileged session monitoring capabilities, CyberArk

can isolate, monitor, record and control privileged

sessions on critical systems including Unix and Windowsbased

systems, databases and virtual machines to meet

specific Federal guidelines around continuous monitoring.

The solution acts as a jump server and single access

control point, prevents malware from jumping to a target

system, and records keystrokes and commands for continuous

monitoring. The resulting detailed session recordings,

DVR-like playback and audit logs are used to simplify

compliance audits and accelerate forensics investigations.

The CyberArk Privileged Account Security Solution was

recently added to the U.S. Department of Defense (DoD)

Unified Capabilities Approved Products List (UC APL). At

the time of its inclusion, CyberArk was the only comprehensive

privileged account security solution on the list.

The solution also received the U.S. Army Certificate of

Networthiness (Army CoN). These key government recognitions

are added to CyberArk’s Common Criteria Evaluation

Assurance Level EAL 2+ certification.

CyberArk is trusted by more than 2,800 customers,

including 45 percent of the Fortune 100 and more than 25

percent of the Global 2000. As of Q3 2016, CyberArk has

contracts in all three branches of the U.S. Federal government

and across more than 15 distinct departments or

agencies, among others. CyberArk can help meet security

and compliance requirements in Federal organizations including

FISMA/NIST SP 800-53; Department of Homeland

Security CDM Program; NERC-CIP; and HSPD-12.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

www.cyberark.com

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

CyberArk security and compliance for government organizations

web page:

www.cyberark.com/solutions/federal-government-solutions/

CyberArk Privileged Account Security Solution web page:

http://www.cyberark.com/products/privileged-accountsecurity-solution/

CyberArk Privileged Session Manager web page:

http://www.cyberark.com/products/privileged-accountsecuritysolution/privileged-session-manager/

CyberArk Privileged Threat Analytics web page:

http://www.cyberark.com/products/privileged-accountsecuritysolution/privileged-threat-analytics/

NIST SP 800-53 Revision 4: Implementing Essential Security

Controls with CyberArk® Solution - link to whitepaper:

http://www.cyberark.com/resource/nist-sp-800-53-revision-4-implementing-essential-security-controls-cyberarksolutions/

Addressing the NIST SP 800-171 CUI requirements with Cyber-

Ark - link to white paper:

http://www.cyberark.com/resource/addressing-nist-sp-

800-171-cui-requirements-cyberark/

CyberArk for NERC Secured Remote Access - link to white paper:

http://www.cyberark.com/resource/cyberark-nerc-secured-remote-access/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Liz Campbell, Sr. Manager, Corporate Communications

CyberArk

office: 617-558-2191

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

liz.campbell@cyberark.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

CyberArk

60 Wells Avenue

Newton, MA 02459

46 47


2016

Gurucul

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of IT and Cybersecurity Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best User & Entity Behavior Analytics (UEBA) Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Gurucul is changing the way government entities and

enterprises protect themselves against insider threats,

account compromise, targeted attacks, cyber fraud, data

exfiltration and external intruders in the cloud, onpremise,

and in hybrid environments. The company has

pioneered a new cybersecurity category called user and

entity behavior analytics (UEBA). Gurucul was the only

vendor that analyst firm Gartner cited for meeting all

five use cases outlined in their Market Guide for UEBA

report: security management, insider threats, data exfiltration/DLP,

identity access management, SaaS security,

plus Gurucul met their extra qualifications for compliance

and cyber fraud.

Gurucul’s cyber security platform, Gurucul Risk

Analytics (GRA), goes beyond traditional solutions that

are based on rules, signatures and patterns. The U.S.

Government has been affected by an increasing number

of attacks, such as those targeting the IRS and the

OPM, that exposed vast amounts of sensitive informa-

tion. To detect threats early in the “kill chain,” Gurucul

GRA ingests huge volumes of data generated by user

access and activity across on-premise and cloud applications

to identify anomalous behavior that spans time,

place, access and actions. Gurucul GRA also includes

identity analytics (IdA) to identify and eliminate excess

access, access outliers, orphan and dormant accounts.

Gurucul’s holistic approach of combined UEBA and IdA

provides a 360-degree context for identity, accounts,

access and activity, and is uniquely capable of detecting

cyber threats that appear “normal” to traditional security

products while identifying advanced security threats

and low-and-slow attacks in their early stages, with an

extremely low false positive rate.

Traditional rules-based detection cannot keep pace

with today’s sophisticated and targeted attacks. Rules,

patterns and signatures are based on a historical understanding

of attacks and a limited understanding of the

data. They cannot predict future attack scenarios, and

they generate excessive alerts. In contrast, Gurucul GRA

monitors information on how identities are being used

by both humans and machines, modeling hundreds of

attributes and applying machine learning algorithms to

create a rich source of “context”. Gurucul GRA derives

and then leverages useful and predictive cues that are

too noisy and highly dimensional for humans and traditional

software to analyze within its machine learning

models. Not only does this AI allow Gurucul GRA to

identify security threats, even low-and-slow attacks, but

also to predict a threat in its early stages, allowing for

efficient remediation with an embedded case ticketing

or integration with third party case management.

Unlike machine learning solutions that rely on static

peer groups, Gurucul GRA automatically builds baseline

behavior around an identity, compares it against

‘dynamic’ peer groups with similar behavior profiles

and provides a real-time risk-ranked, 360 degree view

of who is accessing what applications and data, on what

devices, at what time, and in what locations. This greatly

improves clustering and outlier analysis for more accurate

behavior patterns resulting in lower false positives

than using static peer groups.

While most UEBA solutions are on-premises only,

or require another partner solution for cloud visibility,

Gurucul GRA provides a cloud API-based solution for

visibility into SaaS, IaaS, PaaS and IDaaS solutions. Thus

Gurucul GRA delivers a unique hybrid-UEBA approach

that extends across both on-premises and cloud. UEBA

as a feature within multiple solutions results in a divided

and less contextually rich outcome for anomaly

detection and risk scoring.

An industry-first, Gurucul GRA features a self-audit

Continued on next page

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://gurucul.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Link to Gurucul Risk Analytics (GRA):

http://gurucul.com/gurucul-risk-analytics

Gurucul STUDIO:

http://gurucul.com/pressreleases/gurucul-studio-enables-it-security-teams-to-build-custommachine-learning-modelsthat-detect-user-entitybased-threats-and-risks

Gurucul Self Audit:

http://gurucul.com/solutions/self-audit

SC Magazine product review:

http://www.scmagazine.com/gurucul-risk-analytics/

review/4399/

Dark Reading article by Gurucul CEO Saryu Nayyar, explaining:

The Blind Spot Between The Cloud & The Data

Center:

http://www.darkreading.com/vulnerabilities-

--threats/the-blind-spot-between-the-cloud-and-thedata-center/a/d-id/1326063?

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Marc Gendron, President

Marc Gendron Public Relations

office: 781-237-0341

cell: 617-877-7480

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

marc@mgpr.net

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Marc Gendron Public Relations

190 Lower County Road

West Harwich, MA 02671

48 49


capability that empowers users to monitor their access

for risk-ranked anomalous and suspicious activity,

similar to the feedback loop that credit cards and credit

monitoring agencies provide for their customers. The

rich context that users provide goes beyond the knowledge

of security analysts in security operation centers to

identify and confirm anomalies. Self audits also provide

security awareness and deterrence as key elements of an

insider threat program.

Gurucul GRA allows customers to implement data

lakes of their choice with the ability to compute and

store on big data for higher performance and increased

data variety than legacy architectures. This provides

efficiencies for machine learning models and significant

savings by avoiding SIEM indexing fees, proprietary storage

and data transfer fees.

Gurucul’s newest release of GRA includes another

innovation: Gurucul STUDIO. The intuitive step-by-step

graphical interface does the heavy lifting to enable customers

in highly regulated organizations, government

agencies and the intelligence community to create their

own custom machine learning models without the need

for data science expertise or coding. Along with an open

choice for big data, GRA also includes a flex data connector

to ingest legacy (i.e. mainframe, building access

systems) or new (i.e. SaaS apps, CASBs) data sources

without coding or professional services. This enables

customers to analyze any dataset with desired attributes

through machine learning models with predictive risk

scoring outcomes.

Finally, Gurucul GRA is a proven big-data security

analytics solution that is successfully deployed by government

agencies and global Fortune 500 companies

across the financial, healthcare, technology, retail and

manufacturing sectors.

Gurucul has been recognized in several high profile

awards and reports, including:

2016 SC Magazine US for Best Behavior Analytics/

Enterprise Threat Detection platform

2016 SC Magazine Europe for Best Behavior

Analytics/Enterprise Threat Detection platform

• 2015 and 2014 SINET Innovator awards

2016 Cyber Defense Magazine winner in three

categories:

- Best of Breed User Behavior Analytics Solutions

for 2016

- Best Insider Threat Prevention Solution for 2016

- Hot Company for Insider Threat Detection

Solutions for 2016

• 2014 Gartner Cool Vendor in Identity and Access

Management

Gurucul company and product updates: http://gurucul.

com/press

50 51


The GSN 2016 Homeland Security Awards

Category #1: Vendors of IT Security Products and Solutions

Best Industrial Cybersecurity Solution

Aperio Systems

winner

aperio-systems.com

Best Compliance/Vulnerability

Assessment Solution

RiskVision

finalist

riskvisioninc.com

Best Network Security/Enterprise Firewall

ViaSat, Inc

finalist

viasat.com

Best Endpoint Detection

and Response Solution

Tychon

finalist

tychon.io

Best Anti-Malware Solution

Passages

finalist

getpassages.com

Best Security Incident and

Event Management (SIEM) Solution

Solar Winds

winner

solarwinds.com

Best Continuous Monitoring &

Mitigation Solution

Netwrix Corporation

finalist

netwrix.com

Best Big Data Analytics Solution

Securiport

winner

securiport.com


The GSN 2016 Homeland Security Awards

Category #1: Vendors of IT Security Products and Solutions

Best Data Security/Loss Management

Solution

Spirion

winner

spirion.com

Best Identity Management Platform

Forum Systems

finalist

forumsys.com

Best Endpoint Detection and Response

Solution

Bromium

winner

bromium.com

Best Big Data Analytics Solution

Sqrrl

winner

sqrrl.com

Best Server Security Solution

Blueridge

winner

blueridge.com


The GSN 2016 Homeland Security Awards

Category #2: Vendors of Physical Security Products and Solutions

Judging in this category is based on a combination of:

• Increase in client organization

• Technological innovation or improvement

• Filling a recognized government IT security need

• Flexibility of solution to meet current and future organizational needs

PHYSICAL SECURITY, ACCESS CONTROL,

IDENTIFICATION, COMMUNICATIONS

Best Biometric Identification System

No Entry

Best Access Control Hardware

Identive - Winner

Best Mass Notification System

Amplifox Sound Systems - Winner

LRAD 2 - Finalist

Rave Mobile Security - Finalist

Best Acoustic Hailing Service

Amplivox Sound System - Finalist

LRAD - Winner

DETECTION PRODUCTS

Best Chemical Detection Product or Solution

FLIR - Winner

Best Explosives Detection Product or Solution

FLIR - Winner

Best Nuclear/Radiation Detection Solution

FLIR - Winner

Best Automated License Plate

Recognition (ALPAR)

Perceptics LLC - Winner

Best Spherical Situational

Awareness Imaging Technology

IC Realtime - Winner

OTHER PRODUCTS

Best Perimeter Protection,

Intrusion Detection System

Ross Technology Corporation - Winner

Best Crash Barriers

(Gates, Fences, Barriers, Bollards)

Ross Technology Corporation - Winner

Best Guard Booths

B.I.G Enterprises – Winner

SERVICES/EDUCATION

Best Disaster Preparedness,

Recovery, Clean-up

High Rise Escape Systems Inc - Winner

Best Asset Tracking

With Pairing Technology

Offsite Vision Holdings - Winner

Best Lock-Down and 9-1-1 Notification

in Active Shooter Situations

Rave Mobile Safety - Winner

Best Active Shooter

Gunshot Detection Solution

Shooter Detection System - Winner

56 57


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

LRAD Corporation

2016 Winner

Vendors of Physical Security Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Acoustic Hailing Service

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

www.LRAD.com

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

https://www.lradx.com/lrad_products/lrad-rxl/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Robert Putnam, Sr. Marketing Manager

LRAD Corporation

office: 858-676-0520

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

rputnam@lradx.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

LRAD Corporation

16990 Goldentop Road, Ste. A

San Diego, CA 92127

Designed for integrated applications, the LRAD 950RXL

can be controlled remotely across an IP network enabling

system operators to create a fully functional,

unmanned perimeter security solution and respond to

potential threats from a safe location. The LRAD 950RXL

achieves a maximum peak output of 156dB and broadcasts

highly intelligible voice messages and warning

tones from close range up to 3,000 meters. The LRAD

950RXL’s ability to immediately interact with a potential

threat remotely provides security personnel additional

time and distance to accurately assess situations and

scale their response appropriately. The LRAD 950RXL

reduces manpower, false alarms and deadly incidents

while providing a highly effective and cost efficient,

remote response security solution.

58 59


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Rave Mobile Safety

2016 Winner

Vendors of Physical Security Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Lock-Down and 9-1-1 Notification in Active

Shooter Situations

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Rave Panic Button is the industry leading one button

panic mobile application. In seconds, Rave Panic Button

clearly communicates an emergency to 9-1-1, on-site

personnel, and first responders. As a result, response

times are shortened and first responder safety is improved.

According to the FBI, only 31% of active shooter

incidents last longer than 5 minutes. With Rave Panic

Button, staff, security, and on-site personnel will be immediately

notified of an incident and can initiate emergency

procedures before first responders arrive.

In August 2015, the state of Arkansas deployed Rave

Panic Button statewide to protect more than half million

students, faculty, and staff. Since then they have

seen countless examples of how Rave Panic Button has

saved lives. In one instance, a student brought a gun on

campus. Within 1 minute of pushing the panic button, a

school resource officer was on the scene and lockdown

procedures started. In two minutes, a second school

resource officer arrived. In 8 minutes, first responders

arrived on the scene, secured the gun, and prevented

any injuries or deaths that day.

When Rave Panic Button initiates the 9-1-1 call, a 9-1-

1 call taker instantly sees where the call is coming from,

who pushed the panic button, and what type of emergency

has occurred. Additionally, the 9-11 call taker can

see the building’s floor plans and other facility information.

As the incident unfolds, the call taker can send text

updates to teacher and staff to keep them informed and

aware. With Rave Panic Button, 9-1-1 serves as incident

command by continuously providing instructions to

people on-site and relaying information to first responders.

This better coordinated response saves time and

saves lives.

By immediately notifying 9-1-1 and on-site personal,

Rave Panic Button initiates lockdown procedures and

speeds up the process. A partner integration in Nassau

County, NY highlights how Rave Panic Button’s is

integral to lockdown procedures. In Nassau County, NY,

Rave Panic Button was deployed to protect 350 schools

and over 200,000 students. Since Nassau County has

Rave Panic Button and IntraLogic Video Management

Solutions, the Rave Panic Button triggers all doors

to automatically lock. The 9-1-1 supervisor can also

search live camera feeds and provide updates to first

responders. As first responders arrive on the scene with

improved situational awareness, they can use the Intra-

Logic system to unlock doors.

Institutions are replacing hard wired panic buttons

for a fraction of the cost with the mobile technology that

travels with you, calls 9-1-1, and alerts staff in 1.5 seconds.

Rave Panic Button is trusted by schools, universities,

hospitals, and corporations nationwide because

when seconds count Rave Panic Button can be trusted

to deliver a faster and more efficient response.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

ttps://www.ravemobilesafety.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Rave Panic Button Video:

https://www.youtube.com/watch?v=3wa9Fl0NsPY

Rave Panic Button Alerts Teachers to Gun on Campus:

https://www.youtube.com/watch?v=E5dMt_DRaA4

Arkansas Deploys Rave Panic Button App to Better Protect K-12

Students:

https://www.youtube.com/watch?v=m8_L70rqVNk

Limestone County Increases Safety with Rave Panic Button:

https://www.youtube.com/watch?v=83N5gwBqqbA

SNOPAC 9-1-1 Leverages Rave Panic Button to Locate Missing

Children:

https://www.ravemobilesafety.com/case-studysnopac-9-1-1rave-panic-button-technology-locatemissing-children/

Rave Panic Button:

https://www.ravemobilesafety.com/panic-button/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Katharine Dahl, Director of Marketing

Rave Mobile Safety

office: 508-532-8933

cell: 508-341-0545

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

kdahl@ravemobilesafety.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Rave Mobile Safety

50 Speen Street Suite 301

Framingham, MA 01701

60 61


2016

Perceptics, LLC

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of Physical Security Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Automated License Plate Recognition (ALPAR)

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://www.perceptics.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Border Security Info:

http://www.perceptics.com/markets/border-security/

Checkpoint LPR:

http://www.perceptics.com/products/license-platereaders/checkpoint-lpr/

Freeflow LPR:

http://www.perceptics.com/products/license-platereaders/freeflow-lpr/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Casey Self, Marketing Manager

Perceptics, LLC

office: 865-671-9257

cell: 865-210-3351

Perceptics is the sole LPR system provider for primary

passenger vehicle inspection lanes at all land border

ports of entry into the United States. Overall, Perceptics

LPRs, driver and scene cameras are installed in over

600 (inbound, outbound, and tactical) lanes for U.S.

Customs and Border Protection. Perceptics recently

installed LPRs at 42 U.S. Border Patrol check point lanes

in Texas, New Mexico, Arizona, and California away from

the border.

Perceptics is the only company to successfully and consistently

meet and exceed CBP’s stringent specifications,

including CBP’s 95% LPR full plate read rate requirement

for character and state/province identification, as

well as delivery on performance, system availability, and

equipment reliability targets.

Perceptics has continually demonstrated its ability to engineer

and develop the most accurate high performance

imaging systems for national border security agencies in

North America.

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

casey.self@perceptics.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Perceptics, LLC

11130 Kingston Pike

Suite 6

Knoxville, TN 37934

62 63


2016

Identiv

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Access Control Hardware

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Federal agencies are feeling pressured to adopt government-wide

Federal Identity, Credential, and Access

Management (FICAM) compliant physical access control

systems (PACS). Identiv’s Hirsch government FICAM

solution offers a true end-to-end HSPD-12 solution that

eliminates the need for expensive third-party credential

management hardware. The net benefit is an overall solution

that is more secure, faster, and less expensive to

deploy and authorize access than first-generation FICAM

solutions.

Identiv’s Hirsch Velocity Certificate Service is compatible

with existing Velocity systems running Velocity 3.6

after application of a feature pack. All existing systems

have the ability to be upgraded through software updates.

Identiv’s Professional Services Group (PSG) can

Vendors of IT Security Products and Solutions

also provide transition planning support to upgrade

existing systems. FISMA, COOP, and enterprise PACS

solutions are also available.

Identiv’s Secure Network Interface Board 3 (SNIB3)

is an expansion component update for Hirsch Mx and

DIGI*TRAC Controllers. It is a sophisticated, secure

communication device that has dedicated processors to

efficiently handle encryption and management operations.

SNIB3 is used to manage PKI certificate data for

door access as provisioned by Velocity. Using FIPS 140-2

certified encryption technology, SNIB3 serves as the

communication hub from controller to Velocity using a

secure TCP/IP protocol.

Identiv’s RS485 Reader Expansion Board (RREB)

is a unique reader communication device that installs

onto the expansion cable of Hirsch Mx and DIGI*TRAC

Controllers and features eight RS-485 communication

ports, capable of supporting 16 readers on eight doors.

The RREB makes it possible to have extremely high data

rates with up to 16 PIV smart card readers while using

Open Supervised Device Protocol (OSDP).

Identiv’s uTrust TS Government Readers are the industry’s

most flexible and secure intelligent door reader

endpoints, enabling agencies to deploy a highly secure

U.S. government FICAM CAK at a fraction of the cost

of competing solutions. ScramblePad and static keypad

models are available. The readers have RS-485 and

Wiegand connections, support PoE power, and can be

configured to support thousands of different card technologies.

Existing uTrust TS Government Readers are

flash upgradeable to enable the FICAM solution without

needing to replace current readers.

In summary, Identiv’s FICAM solution is faster and

less expensive. It provides customers a low-cost, simple

to deploy, secure solution for FICAM compliance. The

time required to upgrade existing Hirsch Velocity PACS

is significantly less than competitor’s solutions, allowing

federal agencies to meet rapidly approaching compliance

deadlines. The time and cost to deploy new systems

or transition from another system is offered at the

same extreme value as other Hirsch solutions.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

identiv.com

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Identiv’s End-to-End Federal Identity, Credential, and Access

Management (FICAM) Solution was developed to implement

a simple, affordable FICAM-compliant solution simply with

optimal performance:

identiv.com/ficam

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Anja Pellegrino, Sr. Content Manager

Identiv

office: 213-910-0043

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

apellegrino@identiv.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Identiv Federal Headquarters

2425 Wilson Blvd., Suite 325

Arlington, VA 22201

64 65


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of Physical Security Products and Solutions

Shooter Detection Systems LLC

2016 Winner

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Active Shooter Gunshot Detection Solution

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

The sound of a gunshot can easily be mistaken for

construction noise or a car backfiring and this uncertainty

can trigger unnecessary fear and panic or worse,

inaction. Shooter Detection Systems’ Guardian Indoor

Active Shooter Detection System listens and looks for

gunfire and then reports that a shot has occurred within

one second. The system has zero false alerts and

displays the shooter’s location on an easy to read floor

plan that shows security and key personnel where the

gunshot occurred. This allows officials to immediately

and appropriately respond to a life-threatening event

and save lives with

accurate, real-time

information.

As recent FBI

reports have stated,

Active Shooter

incidents have

been on the rise

66

in the U. S. for the past several years. Effective response

depends on the timely detection and reliable identification

of an active shooter and the immediate communication

of the incident details to at-risk personnel as well

to emergency responders. A multi-mode (acoustic and

IR based) gunshot detection sensor networked within

a facility provides immediate and accurate detection of

an Active Shooter within one second. The system also

automates camera call up and initiates access control,

therefore allowing security personnel to begin lockdown

or evacuation procedures, and first responders to

immediately address the threat.

Shooter Detection Systems is comprised of a targeted

team of business, tactical and multi-disciplinary systems

engineering experts who collectively have over 40 years

of experience with acoustic gunshot detection systems

that were developed for military applications. While

working at a major defense contractor, the SDS team

was responsible for the successful production and delivery

of over 10,000 gunshot detection systems to Iraq

and Afghanistan. As a result of sniper attacks on the U.S.

power grid, these same systems have been deployed to

protect critical infrastructure and prevent the effects of a

crippling power loss by sniper attack.

Understanding the immediate need for technology

to address the Active Shooter threat, the team began

investigating how their experience designing acoustic

detection technology could be applied indoors, offering

a solution to this difficult and emerging problem. With

a nation in fear of the Active Shooter, false alerts would

not be tolerated. The difficulties in applying acoustic

technology in an indoor environment were examined,

thoroughly tested, and found to have an unacceptable

false alert rate. Though even the vehicle gunshot detection

version uses an acoustic modality to detect shooters,

it was found that in an indoor environment, an

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://www.shooterdetectionsystems.com/

Link to full award submission report:

––––––––––––––––––––––––––––––––––––––––

http://www.shooterdetectionsystems.

com/?p=15028

Nominating contact for this entry:

–––––––––––––––––––––––––––––––––––

Kendra Noonan, Director of Communications

Shooter Detection Systems

office: 1-844-SHOT911

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

knoonan@shooterdetectionsystems.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Shooter Detection Systems

300 Newburyport Turnpike

Rowley, MA 01969

acoustics-only approach was insufficient. The result is the

Guardian Indoor Active Shooter Detection System.

The Guardian system is comprised of dual modality

sensors strategically positioned within facilities that

transmit gunshot alerts within one second. Guardian incorporates

the world’s finest acoustic gunshot detection

software and combines it with infrared sensor gunfire

flash detection to produce the most accurate indoor

gunshot detection system available. The sensor’s unique

dual validation requirement provides the highest rate of

detection while bringing the number of false alerts to

zero.

SDS is regularly chosen to participate in DHS Active

Shooter and Terrorism scenario training drills involving

multiple cooperating government agencies, a sampling

Continued on next page

67


is below:

In August 2014, SDS was selected to participate in

a DHS sponsored School Safety Mock Active Shooter

Drill at a large school in Wayne, New Jersey. Over 100

role player participants were included in this exercise,

including mock active shooters, shooting victims, and

first responders. The active shooters in this scenario

used high power rifles and handguns, and the Guardian

sensors deployed throughout the facility provided 100%

detection on all gunshots with zero false alerts. First

responders were alerted via Situational Awareness Map

and SMS messages, allowing immediate response and

rapid takedown of the mock active shooter. In August

2015, SDS was chosen to participate in a DHS sponsored

Mock Active Shooter/Terrorist Drill at a multilevel

synagogue in West Orange, New Jersey. The mock active

shooter in this scenario used a high-power rifle and 20

Guardian sensors deployed throughout the synagogue.

The system provided 100% detection on all gunshots

with zero false alerts.

In November 2015, SDS was chosen by DHS to

participate in an Active Shooter scenario in a New York

City subway setting. Coincidentally, this event followed

a series of coordinated terrorist attacks in Paris, drawing

high level visitors to this subway event. DHS Secretary

Jeh Johnson, New York City Mayor Bill de Blasio, NYPD

The Evolution of Superior Gunshot Detection

2011

1990’s 2003 2005 2009 2010 2013 2014

Commissioner William Bratton, FDNY Commissioner

Daniel Nigro, and NYPD Police Chief James Waters

could witness firsthand how the Guardian sensors deployed

along the subway platform and in the subway

car alerted at 100% detection with zero false alerts.

The Guardian System’s Situational Awareness Map was

broadcast inside NYPD Mobile Command Center and

shot information was repeated to first responders, allowing

swift takedown of the active shooter.

In June 2016, SDS was chosen again by DHS to

participate in an Active Shooter/Terrorist drill, this

time in a professional sports stadium environment.

The exercise took place at Fenway Park in Boston, MA,

with over 500 role players participating in a simulated

attack on a crowd at the entrance to the stadium.

In cooperation with the Boston Police Department,

SDS deployed sensors along the Gate D entrance and

integrated with the building’s existing video surveillance

system. In multiple scenarios, the Guardian

system alerted on 100% of the shots fired along the

concourse. The system sent alerts to participating First

Responders, Fenway Security Personnel, and provided

instant camera views to the active shooter to the Fenway

Security Operations Office.

As of December 2016, SDS is installed nationwide

with over 14 million hours of operation in real-world

environments with zero false alerts. These installations

include airports, Fortune 500 corporations, court

systems, utilities, healthcare facilities and high-rise office

buildings, with upcoming installations in many more

government and private buildings. Active Shooter Protocols

are now a standard practice among all these industries.

The Guardian Indoor Active Shooter Detection

System is the missing link to activate these protocols

with confidence, decreasing response time and saving

lives in the event of an active shooter.

With the FBI recently reporting that 2014-2015

showed the most active shooter incidents ever in a twoyear

period, there is no better time or reason for SDS

to win the GSN 2016 Homeland Security Award for Best

Active Shooter Gunshot Detection System.

For more information, please contact us at sales@

shooterdetectionsystems.com or call 1-844-SHOT911.

68 69


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

B.I.G. Enterprises, Inc.

2016 Winner

B.I.G.’s award-winning Portable/Turnstile booth:

Vendors of Physical Security Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Guard Booths

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

B.I.G. helps facility owners put exceedingly tough access

control wherever it is needed.

Turnstiles are used at a wide variety of settings to allow

only one person at a time to pass into an area. Now

B.I.G. Enterprises has created a Portable Guard Booth

w/Turnstile unit to provide secure access when and

where needed.

From a business/revenue standpoint, turnstiles give

an accurate, verifiable count of attendance. From a

security standpoint, they provide added access control

limiting access to personnel with proper badges, and

lead patrons to enter single-file, so security personnel

have a clear view of each patron.

From stadiums, amusement parks, mass transit stations,

office lobbies, airports, ski resorts, and casinos to

government buildings and critical facilities such as data

centers, chemical or nuclear power plants, controlling

the flow of foot-traffic—but at flexible places on a property

can be exceedingly valuable.

Recently, one of B.I.G.’s customers—a major North

American construction company, needed to control

construction workers as they arrived and departed each

day from a highly sensitive power plant construction

project. Nuclear power plants, Generation Stations and

certain fuel fabrication facilities must show they can defend

against a set of adversary characteristics called the

Design Basis Threat (DBT). In general, the DBT outlines

threats and adversary characteristics these facilities must

demonstrate they can protect against. B.I.G.’s awardwinning

Portable Guard Booth w/Turnstile unit helps

such facilities show that they their access control can

stand up to specific tactics used by terrorist groups and

organizations.

The prefabricated unit in this photo is designed with

three Turnstiles, but B.I.G. could provide the same

model with fewer or greater turnstiles. Portable, this

unit can be used in various areas for secured access into

a facility.

The Portable Guard Booth WITH Turnstiles features

full structural steel framing with insulated galvanized

steel walls and roof, dual pane insulating glass, interior

shelving, LED lighting, outlets and J-Boxes for data &

communications, HVAC, floor and high solids polyurethane

paint finish. The turnstile area is framed to accept

the turnstiles and features galvanized flooring covered

with polished aluminum diamond plate, recessed compact

Fluorescent lights in the soffit above the turnstiles,

and three factory-installed turnstiles.

“Because we are experts at perimeter security and

access control, we were pleased to work with this major

utility company to assist in a critical time of their expansion

process. Whatever the requirement you may face,

B.I.G. Enterprises, Inc. has the solution.” – said Vice

President David King.

About B.I.G. Enterprises:

Since 1963, B.I.G. Enterprises, Inc. of California

has engineered and manufactured a

comprehensive line of high quality, highend,

prefabricated security and revenue control

booths. Their state-of-the-art selection of

pre-assembled buildings include guardhouses,

cashier booths, portable shelters, and

a variety of custom-made kiosks. For more

information, visit: www.bigbooth.com.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://www.bigbooth.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

http://www.bigbooth.com/case-studies/april-2016

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Sharon Bailey, Managing Director

Brand Orbit

office: 626-791-7954

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

sharonb@brandorbit.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Brand Orbit

1051 E. Altadena Drive

Altadena, CA 91001

70 71


2016

Ross Technolog y

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of Physical Security Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Perimeter Protection

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://www.rosstechnology.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

(XT-4200) M50 P1 Post & Beam Gate:

http://www.rosstechnology.com/perimeter-security/

gates-and-fencing-2/m50-p1-post-beam-gate/

Beam style gates are ideal for guarding access control points

with wide entrances, eliminating the need to install and

maintain multiple wedge barriers or bollards. And because

the vertical support posts and foundations are often installed

beyond the roadway margins, these barriers can reduce the risk

of interference with underground utilities. The XT-4200 Anti-

Ram Gate features a unique rising beam actuated by a highly

reliable, electromechanical drive system. It’s also engineered

to integrate seamlessly into our XL-501 Post & Beam Fence to

create a turnkey perimeter security solution.

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Engineered to be extremely flexible and user friendly,

the XT-4200 is the only electro-mechanical rising beam

barrier that meets the ASTM F2656 M50-P1 crash test

standard. Crash tested with a 24’ clear opening, this

barrier is not only a cost effective solution for securing

wide entrances, it’s also designed to reduce maintenance

and operating costs.

The all-electric system utilizes a continuous-duty

rated motor and gearbox to provide long-term reliability

and reduced downtime. And because the motor

and drive system are located within the posts, they’re

shielded from the elements to deter corrosion. This also

makes it easy to access equipment for service. Finally,

the crash beam is raised and lowered by a unique dual

drive chain system to ensure consistently smooth and

quiet operation.

Like our Anti-Ram Fence, the XT-4200 post design

features integral rebar rods (provided by Ross) to spare

installers the time and expense of purchasing rebar and

building cages. The post is also engineered to accept

Ross XL-501 Anti-Ram Fence Beams for a complete,

integrated perimeter security system.

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Steve Luscian,Vice President, Sales and Marketing

Ross Technology

office: 717-656-2200

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

Sales@rosstechnology.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Ross Technology

104 N. Maple Avenue

P.O. Box 646

Leola, PA 17540 USA

72 73


2016

Ross Technolog y

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Vendors of Physical Security Products and Solutions

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Best Crash Barriers (Gates, Fences, Barriers, Bollards)

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://www.rosstechnology.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

(XL-501 / RSS-F501D) M50 P1 Post & Beam Fence:

http://www.rosstechnology.com/perimeter-security/

gates-and-fencing-2/anti-ram-m50-p1-post-beamfence/

Anti-ram fencing safeguards high-risk facilities that require complete

perimeter protection against vehicle-borne attacks. These

anti-ram barrier systems provide maximum security for buildings,

equipment and hazardous materials vulnerable to highspeed

impacts or in close proximity to roadways. The XL-501

Post and Beam Anti-Ram Fence is a proven high security vehicle

barrier delivering vehicle-stopping strength with an innovative

design that reduces overall costs, simplifies installation and

improves visual appeal.

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

The XL-501 Post and Beam Anti-Ram Fence was engineered

to be extremely simple and efficient in terms

of the materials required to arrest vehicle impact and

the effort required for construction. Constructed from

heavy-duty structural steel, this unique system utilizes

a single tubular beam with patented, energy-absorbing

technology that enables the vertical posts to be set on

30-foot centers. This design feature eliminates the need

for multiple intermediate posts and cable runs used in

traditional anti-ram fence products. Ross Post and Beam

Anti-Ram Fence accommodates a wide range of inherent

site considerations, including layout and terrain

changes. The heavy-duty galvanizing and optional epoxy

primer and polyurethane topcoat provide a high-quality,

durable finish that withstands the elements. And the

high-strength tubing does not require initial or ongoing

tensioning.

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Steve Luscian,Vice President, Sales and Marketing

Ross Technology

office: 717-656-2200

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

Sales@rosstechnology.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Ross Technology

104 N. Maple Avenue

P.O. Box 646

Leola, PA 17540 USA

74 75


The GSN 2016 Homeland Security Awards

Category #2: Vendors of Physical Security Products and Solutions

Best Mass Notification System

Rave Mobile Security

finalist

ravemobilesafety.com

Best Asset Tracking with

Pairing Technology

Offsite Vision

winner

offsitevision.com

Best Spherical Situational Awareness

Imaging Technology

IC Realtime

winner

icrealtime.com

Best Disaster Preparedness, Recovery,

Clean-up

High Rise Escape Systems, Inc

winner

hres.com

Best Explosives Detection Product

or Solution

FLIR Systems

winner

flir.com/fidox2


The GSN 2016 Homeland Security Awards

Category #3: GSN 2016 Government Excellence Award

Judging in this category is based on one or more of the following criteria:

• Development of successful strategy and increase in public safety

• Providing a notable solution to a recognized problem

• Reduction in cost and/or major increase in efficiency and effectiveness

• Decisive, successful action to respond to threat or emergency

Special note on this year’s Government Awards:

Rather than relying on predetermined categories, the judges decided instead

to select five entries that would best represented the term Government Excellence.

2016 Government Excellence Entry

selected by judges:

Agency: Department of Homeland

Security, Office of Cybersecurity and

Communications

Category: Most Notable Cybersecurity

Program or Technology

Product: National Cybersecurity

Assessments and Technical Services

(NCATS)

2016 Government Excellence Entry

selected by judges:

Agency: DOJ, OPM

Category: Most Notable Government

Security Program, Project of Initiative

Product, Service or Program: Interagency

Security Committee Risk Management

Process (ISCRMP) Training Program

2016 Government Excellence Entry

selected by judges:

2016 Government Excellence Entry

selected by judges:

2016 Government Excellence Entry

selected by judges:

2016 Government Excellence Entry

selected by judges:

Agency: USDA Agricultural Research

Service (USDA-ARS)

Category: Most Notable Federal

Government Program, Project or Initiative

Product: BeyondTrust Powerbroker

Agency: Federal Emergency Management

Agency (FEMA)

Category: Most Notable Cybersecurity

Program or Technology

Product, Service or Program: Personal

Identity Verification (PIV) and Single

Sign On (SSO) enablement

Agency: State of Montana

Category: Most Notable State

Government Program, Project or Initiative

Program: State Information Technology

Services Division (SITSD), State of

Montana

Agency: Wombat Security Technologies

Category: Most Notable Cybersecurity

Program or Technology

Product, Service or Program: Wombat

Security Education Platform

78 79


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Most Notable Federal Government Security Program,

Project or Initiative

Name of Nominated Product, Service,

or Program:

––––––––––––––––––––––––––––––––––––––––

BeyondTrust Powerbroker

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

In June of 2015, the Office of Management and Budget

(OMB) launched a 30-day Cybersecurity Sprint to assess

and improve the health of all Federal assets and networks.

Agencies were directed to protect Federal information

systems, and improve the resilience of networks

in both civilian and military organizations, then report

on their successes and challenges. Organizations were

instructed to immediately patch critical vulnerabilities

and strictly limit the number of privileged users with access

to authorized systems, while significantly accelerating

the use of strong authentication for privileged users.

The US Department of Agriculture, Agricultural Research

Service (USDA-ARS), took the call to action seriously

and set out to rapidly secure 11,000 privileged users in

their windows environment. Deploying BeyondTrust

GSN 2016 Government Excellence Award

USDA Agricultural Research Service (USDA-ARS)

2016 Winner

Powerbroker for Windows in half the time expected

for a deployment of this size, the USDA-ARS was able

to secure and manage their privileged accounts quickly

and efficiently. In many cases, achieving this well ahead

of peer agencies.

Legacy Software: Upgrades and Vulnerabilities

The USDA-ARS began to see immediate benefits. “As

we brought ARS sites from around the country into

Enterprise Active Directory, under the agency domain,

we found thousands of machines had older versions of

software, such as Internet Explorer, Adobe, Java, etc.

Many of these older versions of software were found to

contain vulnerabilities and a mandate was generated to

upgrade to the latest versions. With PBW, I was able to

quickly and easily create rules that provided users the

administrative privilege to uninstall old software and

install new software without the need for administrative

credentials,” said the project lead at the agency. In

addition, this project allowed the agency to create a very

large set of “canned” rules to allow background update

services to install updates and patches. “We immediately

began to see a drop in the number of vulnerabilities

reported in these applications.”

Elevating Specific Applications

Like many of our government agencies, the US

Department of Agriculture ARS has cases where one

user, or several users, need to launch an application

with administrator privileges on a specific machine or

group of machines. However, they don’t need full-time

administrator privileges or access to the username and

password of a local administrator account as part of

their day-to-day duties. This implementation allowed the

agency to elevate the specific application to launch with

administrative privileges without the user ever obtaining

the username and password for a local administrator

account. “Thus, the user is not able to login to the computer

with an administrator account, thereby gaining

administrator-level access to everything on the machine,

nor do they have the ability to launch/install other

applications using the built-in ‘Run-As’ function,” said

the agency project lead. The USDA-ARS is making the security

of their information systems a priority, achieving

least privilege quickly and effectively. Congratulations to

the agency teams and leadership for a job well done.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.beyondtrust.com/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Mike Bradshaw, Partner

Connect Marketing

office: 801-373-7888

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

mikeb@connectmarketing.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Connect Marketing

881 W. State Street

Pleasant Grove, UT 84062

80 81


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Most Notable Cybersecurity Program or Technology

Name of Nominated Product, Service,

or Program:

––––––––––––––––––––––––––––––––––––––––

Personal Identity Verification (PIV)

and Single Sign On (SSO) Enablement

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

In June of 2015, the Office of Personnel Management

suffered a high-profile data breach which spurred action

on cyber security across numerous agencies. Adrian

Gardner, the Chief Information Officer (CIO) of the

Federal Emergency Management Agency (FEMA), was

determined to safeguard his agency’s information. He

sought a comprehensive, rigorous solution rather than a

“Band-Aid” approach, and had a very aggressive schedule

to implement the solution in six months. Mr. Gardner

requested that 76 high priority systems be Personal

Identity Verification (PIV) Card and Single Sign On

(SSO) enabled to ensure that industry leading security

standards, aligning with FEMA’s Target Actionable Architecture,

would be applied to systems containing user

information.

GSN 2016 Government Excellence Award

Federal Emergency Management Agency (FEMA)

2016 Winner

The FEMA PIV SSO project was kicked off on October

1, 2015, consisting of a joint FEMA-IBM initiative that incorporated

efforts led by the Office of the Chief Information

Officer (OCIO) and supported by various mission

critical FEMA program areas. The scope of the effort

included the implementation of an enterprise security

infrastructure based on the IBM Security Access Manager

(ISAM) Webseal, Federated Identity Manager (FIM)

and Integrated Windows Authentication (IWA) technologies.

FEMA’s systems leverage a wide variety of technologies,

including Java, C++, .NET, PowerBuilder,

and Mainframe. The PIV/SSO implementation approach

varied depending upon the technology and existing

authentication mechanism of the specific application.

FEMA understood that no single solution would be

able to address the authentication needs for all applications

within an organization as large and complex as

FEMA. Accordingly, the team created a standardized

approach which took into consideration the systems’

technical platforms (Powerbuilder, Java, .NET, Custom-

Off-The-Shelf ) and other mitigating factors such as

end user population types, need for mobility support,

the production environment and other critical factors.

Moreover, the integrated team took into consideration

a user population that does not currently use PIV cards

for access: namely state, local, tribal, and territorial

(SLTT) users. The solution allowed them continued

access to the systems through user name and password

authentication as a temporary workaround until PIV-I

would be rolled out.

The system deployments were planned to minimize

the impact to the mission of the organization. Application

releases were grouped based on technology,

authentication method and application dependency.

The first group deployment, in mid-February 2016,

included applications dependent on the mission-critical

National Emergency Management Information System

(NEMIS) system. The second group of applications,

mostly relying on the FEMA Integrated Security and

Access Controls – FEMA Access Management System

(ISAAC - FAMS) landing page, were deployed at the end

of February. The last group of systems, primarily includ-

Continued on next page

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.fema.gov/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Given the nature of this project, there is limited publicly

available information. What information can be found on the

internet has been included here.

This quick reference guide helps to demonstrate the proper

use of the system. It helps to explain how the user interface

changed to increase security without impacting current work

products:

http://floodmaps.fema.gov/tutorials/piv/MIP_PIV_

Quick_Reference_Guide.pdf

Note from FEMA Chief Information Security Officer (CISO),

Donna Bennett to employees describing the implementation of

the single sign on system:

https://www.fema.gov/media-library-

data/1458661814326-bf98611bc38ad-

8ba63241578a3e2c145/PIVRollout.txt

Helps to describe the innovative nature of FEMA’s authentication

program and its impact:

https://gcn.com/articles/2016/10/06/dig-it-fema-authentication.aspx

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Thomas Coleman, Partner

IBM Global Business Services

office: 301-803-6689

cell: 202-320-3280

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

thomas.coleman@us.ibm.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

IBM Corporation

600 14th St, NW, Floor 2

Washington, DC 20005-2012, US

82 83


ing Cloud based systems and systems outside of the

FEMA Enterprise Network, were deployed at the end of

March, meeting the initial six-month deadline through

tight collaboration across all stakeholders.

The completion of PIV/SSO enablement is a significant

step in furthering FEMA’s cyber defenses and

controls to better protect FEMA data, including information

from disaster survivors and FEMA partners. The

PIV/SSO effort not only introduced a scalable enterprise

security platform but it also integrated all FEMA’s critical

systems within the infrastructure to ensure the security

of the organization’s applications and the data which

it maintains. This was accomplished with minimal user

interruption as the integrated FEMA-IBM team carefully

planned the deployment of the systems taking into consideration

FEMA restrictions of system changes during

active disaster declarations.

This project PIV enabled FEMA systems at the application

level, allowing FEMA to attain the Level of

Assurance 4, in accordance with the NIST SP 800-63

requirements, for their high value systems. With this

capability, the agency has transformed the way all users

access their applications, simplifying and streaming

their access to the applications while improving system

security and reducing FEMA operational overhead of

manually updating employee records. By creating a

standardized solution approach across disparate identity

architectures throughout different FEMA IT Systems,

this project also reduces the effort for any new system to

be integrated within FEMA’s enterprise security infrastructure

in the future. The FEMA PIV/SSO effort applied

industry-leading security standards and created a robust

security layer, which enhances FEMA’s ability to both

secure and control access to sensitive information. This

implementation not only leveraged an architecture that

conforms to various FICAM model objectives, but also

helped FEMA reach its objective of meeting OMB and

DHS mandates.

Summary highlights of how the PIV/SSO initiative transformed

FEMA’s security posture include:

• Implementation of an architecture that conforms

to goals for Federal Identity, Credential, and Access

Management (FICAM) model.

• FEMA attainment of Level of Assurance 4, in

accordance with the NIST SP 800-63 requirements,

for their high value systems.

• Implementation of appropriate policy controls

such as User Based Enforcement (UBE).

• Reduced PII Exposure and improved audit

reporting.

• A standardized solution across disparate

identity architecture throughout different

FEMA IT Systems.

• Reduced FEMA operational overhead of manually

updating employee records.

84 85


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Most Notable Cybersecurity Program or Technology

Name of Nominated Product, Service,

or Program:

––––––––––––––––––––––––––––––––––––––––

National Cybersecurity Assessments and Technical

Services (NCATS)

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

GSN 2016 Government Excellence Award

Department of Homeland Security,

Office of Cybersecurity and Communications

2016 Winner

National Cybersecurity and Communications Integration

Center (NCCIC). The NCATS team focuses on proactively

engaging with its federal, state, local, tribal, territorial

and critical infrastructure partners to improve their

cybersecurity posture, limit their exposure to risks and

threats, and reduce rates of exploitation. The NCATS

team offers cybersecurity services such as red teaming,

penetration testing, and vulnerability scanning at no

cost.

To date, the NCATS program has worked with over

386 organizations, delivered over 19,000 reports and

helped resolve over 326,000 vulnerabilities. DHS’s

Office of Cybersecurity and Communications Assistant

Secretary Dr. Andy Ozment states, “NCATS is a lifeline to

funding-constrained public and private sector partners,

particularly among the critical infrastructure sectors.

Their cybersecurity expertise in current and emerging

threats provides an objective third-party perspective to

help improve an organization’s cybersecurity posture.”

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

http://www.DHS.gov/cyber

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

https://www.us-cert.gov/ccubedvp/federal

https://krebsonsecurity.com/2015/12/dhs-givingfirms-free-penetration-tests/

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Rob Karas, Director of National Cybersecurity

Assessment & Technical Services (NCATS)

Department of Homeland Security,

Office of Cybersecurity and Communications

Contact Bob Hopkins on his behalf: 703-235-5788

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

Robert.Hopkins@hq.dhs.gov

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

Department of Homeland Security,

Office of Cybersecurity and Communications

245 Murray Lane, SW

Building 410, MS 645

Washington, DC 20528

In May 2015, the Department of Homeland Security

(DHS) issued a first-of-its-kind binding operational

directive (BOD) requiring all federal agencies to patch

critical network vulnerabilities within 30 days. The National

Cybersecurity Assessments and Technical Services

(NCATS) Cyber Hygiene program was responsible for

identifying critical vulnerabilities in agency systems.

They helped create the BOD Scorecard, BOD vulnerability

tracker, real-time dashboard with graphs for real-time

situational awareness, and programmed a hierarchical

data structure to enhance the categorization of each

stakeholder’s internet protocol (IP) space. These products

have improved DHS’s ability to determine a federal

department or agency’s network security status in realtime.

The National Cybersecurity Assessments and Technical

Services (NCATS) program is located within the

DHS’s Office of Cybersecurity and Communication’s

Organizations participating in DHS’s “Cyber Hygiene” vulnerability

scans. Source: DHS

86 87


2016

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Most Notable Cybersecurity Program or Technology

Name of Nominated Product, Service,

or Program:

––––––––––––––––––––––––––––––––––––––––

Wombat Security Education Platform

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

The Wombat Security Education Platform helps IT security

professionals maximize learning and lengthen retention

through the implementation of a continuous cycle of assessment,

education, reinforcement, and measurement all

in one integrated platform. Wombat’s methodology sits in

strong contrast to a “one and done” approach, providing

an innovative and appealing way to teach the end-user,

which sharpens their security skills and gives IT security

professionals and enterprises the opportunity to mitigate

risk through constant security awareness. Wombat’s success

in driving awareness and creating lasting behavior

change for end users is demonstrated across a variety of

industries. After pairing mock phishing attacks and interactive

training modules, a large public college in the

Northeastern U.S. saw a significant reduction in malware

and viruses, a 90% reduction in successful phishing attacks

GSN 2016 Government Excellence Award

Wombat Security Technologies

2016 Winner

from the wild, significantly fewer support requests, an

increase in the number of users reporting incidents and

attacks, and a greater awareness of issues.

Wombat’s training program differentiates itself from

other offerings by focusing on the following:

• Learning Science Principles: Wombat applies traditional

proven training methods to a modern education

problem with an innovative software-based solution. All

of Wombat’s training solutions utilize multiple learning

science principles to engage the learner, lengthen retention

and change behavior. Wombat’s training software

asks learners to practice as they learn, provides immediate

feedback for right and wrong answers, and provides

teachable moments to show a learner what they don’t

know.

• Automating Attacks and Training: Wombat’s simulated

attacks and knowledge assessments are integrated with

cloud-based training modules so everyone who falls for

an attack, or scores below an assessment threshold, can

automatically be assigned training they can complete at

a later time. This enables the organization to understand

and address the riskiest users in their organization.

Wombat’s Security Education Platform contains Security

Assessment Tools that give customers important insights

into susceptibility and allows them to narrow in on key

areas of susceptibility. Clients can pair the company’s

CyberStrength® knowledge assessments with Wombat’s

ThreatSim®, SmishGuru®, and USBGuru® simulated

attack programs for a comprehensive view of an organization’s

potential vulnerabilities. Security officers also have

the ability to customize training programs for the entire

organization or to focus on a group of employees. Wombat’s

mobile-responsive modules provide users increased

flexibility and accessibility. Meeting U.S. 508 & WCAG

compliance standards and offering more than 25 languages

provides a diverse cross-section of users the opportunity

to complete training requirements regardless of their

native language or individual abilities. The newly released

Dynamic Reporting capabilities within the Security Education

Platform allow IT security professionals to seamlessly

monitor user performance and deploy gamification of

security education programs to further motivate employee

engagement in training initiatives.

Wombat Security Technologies is the first and only

company to offer a complete suite of anti-phishing and

security awareness assessment and training products that

leverage progressive training techniques to effectively improve

human response against cyber threats – up to a 90%

reduction in malware infections and phishing attacks. The

platform provides the ability to assess, educate, reinforce,

and measure. This gives IT security professionals a solid

foundation to implement an effective security awareness

program, where each and every employee becomes a “se-

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://www.wombatsecurity.com/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

Testimonials page:

https://www.wombatsecurity.com/about/testimonials

Platform page:

https://www.wombatsecurity.com/security-education

Educate page:

https://www.wombatsecurity.com/security-education/educate

Independent media coverage:

http://www.eweek.com/small-business/wombatreleases-security-education-platform.html

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Dasha (Daria) Ivanova, Account Coordinator

SHIFT Communications

office: 512-792-2543

cell: 713-705-0158

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

divanova@shiftcomm.com

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

SHIFT Communications

200 E 6th Street, #202

Austin, TX 78701

curity guard” of the company no matter what kind of cyber

attack the company faces. Wombat’s Education Security

platform is built on scientific research, which distinguishes

Wombat from any other education platform across the

security industry.

88 89


2016

State of Montana

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Most Notable State Government Security Program,

Project or Initiative

Name of Nominated Product, Service,

or Program:

–––––––––––––––––––––––––––––––––––––––

State Information Technology Services Division

(SITSD), State of Montana

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

SITSD has been working to increase visibility in agencies

across the state of Montana including Health & Human

Services, the Department of Revenue, the Department

of Administration and the Judicial Department, through

the use of Splunk Enterprise and Splunk Enterprise

Security. SITSD utilizes this platform to improve the

security posture of the state, and is doing so through

troubleshooting and other crucial capabilities. The

SITSD team is also now able to monitor multiple security

categories – including information across the network,

directories, web filtering, DNS and virtual servers

– as well as the security bandwidth of various agencies

across the state.

GSN 2016 Government Excellence Award

Within SITSD, security teams now have the ability to

build and use threat intelligence dashboards, providing

visibility into all threat intelligence activity across the

network. Using these dashboards, the team automatically

accesses datafrom agencies across the state within

minutes to assess and mitigate potential threats. Prior to

implementing the security platform, the team manually

retrieved this information, which was very time consuming.

Security personnel can now pull data from multiple

sources into one pool for unified search discovery and

troubleshooting. Examples are Firewall, Websense Filtering,

Netscaler, Active Directory Auditing, DNS, and VM

machine access.

In addition to these new capabilities, teams within

SITSD have begun to function in a proactive manner

rather than in the reactive way they functioned prior to

deploying the platform. They can now fully understand

their threat environment and monitor all types of data,

which has led to a major increase in efficiency and information

sharing across Montana. The state no longer has

to assess threats on a case-by-case basis, and can more

efficiently and effectively protect the data of the state,

and therefore its citizens.

This program has become a critical tool for Montana’s

network. “Any time we have network or content

filtering issues, our go-to is Splunk. Previously, troubleshooting

issues could take hours, and multiple people

across different bureaus working together as the logs

were from several sources,” said Randy Haefka, Enterprise

Support Services Section Supervisor, Enterprise

Technology Services Bureau, SITSD/Montana Department

of Administration. The team now has all of its

tools and information centralized on one platform,

which further enables it to be proactive and maintain

the integrity of the state’s network.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://sitsd.mt.gov/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

The State Informational Technology Services Division is part of

the Montana Department of Administration. The mission of the

State Information Technology Services Division is to provide

shared IT services to support the needs of the state and citizens

of Montana:

http://sitsd.mt.gov/Services-Support/Enterprise-

Architecture

Independent media coverage:

http://sitsd.mt.gov/News-Events/PID/22417/evl/0/

CategoryID/125/CategoryName/Current-SITSD-

News

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Ron Baldwin, Chief Information Officer

State of Montana

office: 406-444-2777

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

RBaldwin@mt.gov

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

State of Montana

Department of Administration

125 N. Roberts

Helena, MT 59620

90 91


2016

DOJ, OPM

2016 Winner

GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS

Awards Category:

––––––––––––––––––––––––––––––––––––––––

Most Notable Federal Government Security Program,

Project of Initiative

Name of Nominated Product, Service,

or Program:

––––––––––––––––––––––––––––––––––––––––

Interagency Security Committee Risk Management

Process (ISC RMP) Training Program

Reason this entry deserves to win:

––––––––––––––––––––––––––––––––––––––––

Approximately 350,000 Federal facilities across the country

require a comprehensive risk assessment methodology

that addresses threat, consequence, and vulnerability of

the 33 undesirable events identified in the Department of

Homeland Security (DHS), Interagency Security Committee

(ISC) Standard Report. Often facility security practitioners

do not always consider all the undesirable events

when conducting risk assessments due to lack of expertise

or available resources, leaving facilities vulnerable to risk,

exposed to unnecessary expense, and non-compliant with

the ISC standards.

The ISC RMP Training Program was first established as

a pilot course in May 2011 by the DOJ. After some refinement,

the course documentation was submitted to the

GSN 2016 Government Excellence Award

ISC and approved in December 2011 as the first official

risk management process training program. At the end of

2012, DOJ reached out to OPM to establish a partnership

to have the highly regarded program managed by OPM/

EMDC, based on their 50 year history in delivering stellar

leadership and management development programs.

The DOJ/OPM partnership officially kicked off with the

first open enrollment course delivered in Washington, DC

in January 2014. The feedback from the participants in this

first course reflected an overall success score of 4.93 out a

possible 5.0.

The ISC RMP Training Program continues to reach new

heights and achieve success. Most recently, the program

recognized and celebrated the graduation of the 500th

participant. The program has been successfully delivered

to over 540 graduates from 57 different agencies, with

participants ranging from GS-6 to SES. The number of

participants continues to grow substantially, with increasing

numbers coming from the Department of Defense.

The program has been delivered more than 29 times to

date, with additional single agency requested or ad hoc

sessions being added to the training schedule each year.

The program also continues to receive higher than industry

average course evaluation scores.

The success of the program is demonstrated in the

significant increase in the number of security practitioners

who effectively establish risk assessment methodologies

for their facilities that comply with the ISC RMP standards.

Participants who are responsible for securing their agencies

facilities and practitioners who participate in the

development of security countermeasures receive access

to the first ISC certified and approved Risk Management

Process Tool, designed to automate the process of calculating

facility security levels and identifying the relevant

countermeasures associated with various types of threats,

consequences, and vulnerabilities of the 33 undesirable

events.

Graduates of the ISC RMP Training Program are able to:

• Provide guidance to Facility Security Committees

(FSCs)

• Perform ISC-Compliant Risk Assessments

• Determine Facility Security Levels (FSL)

• Identify Necessary Levels of Protection (LOP)

Establishing and executing a comprehensive risk assessment

methodology is a challenge for many Federal facility

security professionals across the country. The ISC RMP

Training Program should be recognized by the Government

Security News 2016 Homeland Security Awards Program

for providing a blended learning solution for Federal

agencies to address risk assessment challenges, reduce

cost and inefficiencies of their security resources, and mitigate

the impact of undesirable events at their facilities.

Link to Web Page of Nominated Organization:

––––––––––––––––––––––––––––––––––––––––

https://cldcentral.usalearning.net/

Link to additional information:

––––––––––––––––––––––––––––––––––––––––

The Department of Justice and Office of Personnel Management partnered

to offer the ISC Risk Management Process Training Program. This course is

designed to provide opportunities for individuals to become experienced

with the ISC Risk Management Process. Participants learn how to accurately

summarize the main features of the ISC Risk Management Process, identify

how its implementation benefit their organization; and given the risk assessment,

make informed, risk-based decisions. The training program consists

of collaborative exercises, hands-on interactive training, and instruction

from accomplished risk management professionals. This is the first and only

ISC certified and approved training course offered to Federal audiences:

https://leadership.opm.gov/programs.aspx?c=180

The current lead RMP instructor, E. Reid Hilliard, also won the GSN’s 2010

federal trophy for his team leadership in documenting the Physical Security

Criteria for Federal Facilities. Note: This nomination is for the training that’s

been implemented based on the 2010 work products:

http://gsnmagazine.com/article/21986/everett_reid_hilliard_doj_and_interagency_security

Nominating contact for this entry:

––––––––––––––––––––––––––––––––––––––––

Reid Hilliard, Assistant Director

Justice Protective Services, DOJ

office: 202-598-1441 cell: 202-514-1441

Janet White, Education Program Director

Eastern Management Development Center,

Center for Leadership Development, OPM

office: 202-606-6531 cell: 202-731-8631

Kevin McCombs

Director Security Services Facilities, Security, and Emergency Management,

OPM

office: 202-418-0201 cell: 202-345-0025

Nominating contact email address:

––––––––––––––––––––––––––––––––––––––––

Everett.R.Hilliard@usdoj.gov

Nominating organization address:

––––––––––––––––––––––––––––––––––––––––

U.S. Department of Justice

Office of Personnel Management

950 Pennsylvania Avenue, NW

1900 E Street, NW

Washington, DC 20530-0001

Washington, DC 20415

92 93


The News Leader in Physical, IT and Homeland Security

CEO/Editorial Director

Adrian Courtenay

917-696-5782

acourtenay@gsnmagazine.com

Editor

Steve Bittenbender

502-552-1450

sbittenbender@gsnmagazine.com

Senior Writer

Karen Ferrick-Roman

412-671-1456

karenferrickroman@gmail.com

Columnist

Shawn Campbell

Campbell on Crypto

shawn.campbell@safenetat.com

Columnist

George Lane

Hazmat Science & Public Policy

georgelane@hotmail.com

Contributing Author

Lloyd McCoy Jr

Immix Group

Contributing Author

Walter Ewing

Contributing Author

Wendy Feliz

Contributing Author

Joshua Breisblatt

Contributing Author

J. Michael Barrett

Contributing Author

Christopher Millar

Gatekeeper Security

Art Director

Gerry O’Hara, OHDesign3

gerry@ohd3.com

203-249-0626

Production Manager

Brenden Hitt

Brenden.hitt@gsnmagazine.com

Direct: 203-216-7798

FREE

SUBSCRIPTION

SIGN-UP

Monthly Digital Edition

Airport/Seaport Newsletter

Daily Insider Newsletter

Cybersecurity Newsletter

CLICK HERE

94

More magazines by this user
Similar magazines