LIGHTNING ROUNDS

*For scheduling of the lighting rounds please visit the conference agenda.

Company: Netizen Corporation

Background: 

Netizen specializes in Cybersecurity, Security Engineering, Software Assurance, and related solutions. We help customers worldwide (CONUS and OCONUS) build in security, monitor critical infrastructure, test and validate systems, assess compliance, achieve Authorization to Operate (ATO), and more. In partnership with Novus JV, which specializes in helping customers with Cybersecurity, business transformation, and technology modernization efforts, we have embraced a customer-centric approach to problem-solving and have repeatedly demonstrated an ability to deliver unique, cost-effective solutions that yield tangible results. According to SBA rules, Novus JV is considered an 8(a) and HUBZone entity eligible for sole source awards. The Fila Group, the managing venturer of Novus JV, works as a Prime contractor with the Department of Energy's Office of Technology Transitions. Novus JV was formed to support the Department of Energy’s mission by addressing energy, environmental, and nuclear challenges through innovative technology solutions. AutoSTIG stands out as a transformative tool in security compliance. Automating validation tasks, reducing effort, and minimizing errors enhances the compliance process's efficiency and accuracy. Its recognition as a disruptive technology underscores its value and impact, particularly in the federal government market and defense sector. With broad system support and comprehensive reporting capabilities, AutoSTIG is a vital asset for any organization seeking to maintain rigorous security standards and achieve regulatory compliance with greater ease and reliability.

---

Company: AnglioTech, LLC

Background:

Anglicotech established its Supply Chain Resiliency Operations Center (SC-ROC) in 2022 to provide expert, tailored Supply Chain Risk Management (SCRM) services to Federal Government Agencies and address Supply Chain threats and vulnerabilities. The SC-ROC is built around the newest NIST 800-161 Revision 1 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations. Our process adopts NIST-800-161 cybersecurity guidance and general SCRM best practices. Anglicotech is part of the community and is actively trying to solve the challenges of SCRM. In addition to industry and Government partners, our business “ecosystem” includes academic organizations, specifically the Georgia Tech Supply Chain & Logistics Institute and Penn State Applied Research Lab. Anglicotech is a small business that is currently serving as a subcontractor to Savannah River Nuclear Solutions (SRNS), which is a contractor to the Department of Energy (DoE). Supply chain illumination means identifying the entities and connections involved in an organization’s supply chain, including products, suppliers, people, and geo-political context. To effectively identify supply chain risk, it’s not enough to examine 1st-tier suppliers. The analysis must go deeper into multiple tiers of suppliers. Illuminating relationships with a vendor can expose risk in the form of Foreign Ownership, Control or Influence (FOCI), single supplier risk, or blacklisted upstream suppliers. As part of its SCRM services, Anglicotech uses tools that scour Open Source Intelligence and commercially available data sources such as news articles, press releases, public filings, transactional documents, customs forms, bills of lading, web scrapes, and social media. This data is then fed through algorithms that evaluate the data and its source to derive a risk level per vendor.

---

Company: Garrison Technology

Background: 

Garrison Technology has spent the better part of the last decade perfecting high assurance isolation technologies for use in the most targeted networks in the world – including the most sensitive networks in the US Government. We have recently begun discussions with the DOE, NNSA, and Sandia National Laboratory about using this technology to reenable web browsing while mitigating web-borne nation-state threats. We understand that users in high-security networks - whether classified networks, operational technology environments, or simply privileged access users - increasingly need information from the open Internet or other less trusted networks to do their jobs. At the same time, genuine security concerns about malicious code or other threats from less trusted networks make it ill-advised to create a direct data path between them.

---

Company: Cogent Security

Background: 

Cogent Security Consulting LLC (Cogent) designed, developed, and implemented two proprietary systems, Annual Operating Plan (AOP) Online and Future Years Nuclear Security Program (FYNSP) Online, which are modern, user-friendly, web-based systems that provide the Department of Energy (DOE), National Nuclear Security Administration (NNSA), Office of Defense Nuclear Security (DNS/NA-70) with transparent budget and cost data as well as operational and performance data. Both systems are deployed and maintained in our Advanced Programs Cloud Services (APCS) cloud environment. APCS possesses an active Authority to Operate (ATO) from NNSA and can be used to support applications and software solutions for any NNSA Office. 

---

Company: Resilient Solutions 21

Background: 

RS21 is a data science company that uses artificial intelligence, data engineering, user experience design, and modern software development methods to empower organizations to make data-driven decisions that positively impact the world. We are data scientists, AI inventors and practitioners, software engineers, designers, data architects + engineers, project managers, and analytics experts. We use technology to bring together individuals from fields that may otherwise never communicate, resulting in new ways of thinking, creating, and acting. With the right people working together, there is truly no limit to what is possible. A core focus is Security and resilience analytics for critical infrastructure planning and investment decisions, e.g., Energy System Visualization, Dependency Analysis + Visualization, Cyber Threat, Risk, and Mitigation Analysis

---

Company: Lastwall

Background: 

Lastwall’s mission is to protect democratic institutions by strengthening the cybersecurity posture of defense, government, and critical infrastructure partners. Deployed with the U.S. Dept. of Defense, Defense Innovation Unit in 2017, the Lastwall platform was designed with a security-first approach based on the most stringent policies and compliance controls. Our goal is to serve as the protective moat around an organization's users, data, cloud infrastructure, and IT networks. While most IDaaS providers are oriented toward getting to market quickly with many integrations and a high software bill of materials (S-BOM), Lastwall was established with the opposite mentality. Our Zero Trust-based platform prioritizes a 'secure to market' strategy, with a low attack surface, unique Public Key Infrastructure created in-house by our talented team of engineers, a low S-BOM, and forward-facing threat mitigation related to Quantum Resilience in the face of Store-Now, Decrypt Later campaigns. Lastwall verifies user identity and prevents unauthorized login attempts to cloud services and IT networks, protecting essential applications and data from credential-based attacks.

---

Company: Operant Networks

Background: 

Our world-class team has decades of experience in complex communication networks, testing and measurement, and renewable energy. Our technical founders have built careers using next-generation technology, often creating entirely new product categories. Operant has developed the first Data-centric solution exclusively for Operational Technology (OT). It’s common to think of connections as point-to-point, but in the real world, they seldom are. Data traverses multiple VPNs, servers, and firewalls as it moves from the field to an operations center. Likewise, most security tools were developed for securing point-to-point infrastructure and network perimeters. Thus, cyber solutions end up stitched together between handoffs, requiring intricate coordination of data decryption/re-encryption, ongoing configurations, and key management in a best-effort attempt to prevent breaches. The result is often an entangled assortment of solutions with marginal effectiveness.

---

Company: Camus

Background: 

The Camus grid management platform is the preferred software tool for engineering, power supply, and operations teams. We’re skilled at thinking about systems as a whole and developing world-class tools for operators. Our platform sits on top of your existing data and software tools to give your team one interface for monitoring and controlling everything on your grid. Our team leverages deep, diverse experience designing and operating distributed systems to provide high-performance, low-complexity management for the grid. We lend our software engineering skills to address climate change. We are committed to accelerating the adoption of renewable energy and reducing carbon emissions from the electric grid; from monitoring and analysis to DER orchestration and local market infrastructure, we provide tools to help you serve your community.

---

Company: QED Secure Solutions

Background: 

We bring together world-renowned industry, academic, and government experts to solve the most challenging problems in cyber security. From strategic to technical, we deliver innovative solutions that make a difference. QED Secure Solutions is a research-driven organization that provides proven capabilities to government and industry partners. QED Secure Solutions is built on providing practical solutions based on research principles and operational experience. Our philosophy is guided by the core ideology of questioning assumptions and critical thinking. Our team consists of award-winning faculty members, industry leaders, and professionals with top-level government experience. We bring a proven track record with decades of experience analyzing complex systems, including avionics, oil and gas, water/wastewater, building automation, electric power, medical devices, information technology, and weapon systems.