News

In 2012

In August 2012 Securicon's Valerie Thomas will speak on Security's Weakest Link at Nordic Security Conference (NSC) in Reykjavik, Iceland. NSC is an International Information Security conference that brings the latest developments in IT Security to Scandinavia. Valerie will be delivering a C-Level talk on the threat of social engineering and how companies can implement effective defenses to protect their most valuable information.


From April 2-5 Securicon was a Gold sponsor of the Open Web & Application Security Project’s (OWASP) AppSec DC 2012, which provided a unique and important forum for leaders from the web and application security space to interface with leaders from the industrial control systems/scada security space to discuss how coperation from the traditionally separate initiatieves could be levergaged into create progress in both areas. Securicon employee Mark Bristow, with the support of Securicon, is also the Chair of the OWASP Global Conferences Committee as well as a recurring AppSec DC organizer, conference planner and local chapter leader. Securicon also supports the local OWASP DC chapter by providing food and beverage refreshment for local meetings and has done so since 2008.


Securicon has entered into a partnering agreement with Onapsis, one of the premiere companies specializing in the security of SAP environments.  SAP applications tend to be used for the code business applications in medium to large companies and present a complex software engineering, business application and data management environment.  The Onapsis X-1 scanner is the  first comprehensive solution for the automated security assessment of SAP systems.  Together Securicon and Onapsis provide a comprehensive security assessment of deployed SAP applications from software engineering to deployment to operations.  This teaming arrangement allows us to identify:

· Server platform vulnerabilities
· Network vulnerabilities
· Opportunities for unauthorized access and privilege escalation
· Insecure ABAP and Java instance configurations
· Missing SAP Security Notes and patches
· Dangerous user authorizations
· Insecure interfaces between systems
· Insecure code promotion and production deployment



Securicon has recently been awarded a 7 figure contract to provide continuing “end to end” cyber security services for a Large Investor Owned Utility - Smart Grid project. This vote of confidence is indicative of the high quality of work we continue to provide as a leader in providing Smart Grid Security Services.


For the third consecutive year, Securicon has recently been awarded the annual NERC CIP 005/007 contract for a Large International Investor Owned Utility.  Since Urgent Action 1200 and the inception of the NERC CIP Standards, Securicon has been providing comprehensive assessments based on a proven methodology for Power and Transmission Utilities of every size, with over 200 assessments conducted.


Securicon has recently been awarded a large 6 figure contract by one of the largest Utilities in the USA, to provide application security services for a range of projects specific to business transformation into an SAP environment. This project illustrates the range of Securicon’s capability in providing assessments for many different application challenges.


Securicon has recently completed a NERC CIP Audit “Readiness Assessment” for NERC CIP 005/006 and 007 for an Investor Owned Utility. More than just a Mock Audit, Securicon helped the client close the Gaps and create the tools required to meet an actual NERC CIP audit.


Securicon has recently completed a Gap Analysis and Vulnerability Assessment for a large LNG Terminal with Gaps specific to the API 1164 Standards and TSA Guidelines. This project illustrates Securicon continued commitment to the Oil & Gas Industry and their requirements to meet Industry Best Practices for cyber security.