Protecting all technology assets and information, the Security Sensor Array shields the USDA network keeping unwanted intruders from infecting the environment, gaining access to intellectual property, or releasing information to cyber criminals.
Security Integration Division (SID) develops and implements an effective communications, outreach, and other cyber security integration strategies with the USDA agencies to ensure information security is integrated into the on-going business of the Department. SID plans, develops, and implements ASOC Customer Relationship Management (CRM) activities, such as the Agency Liaison Program; and provides cyber security reporting and training activities.
ASOC Security Operations (SecOps) is responsible for the staffing, management, and on-going operation of the USDA Enterprise-wide comprehensive monitoring, data analysis, and situational awareness capability for the Department. SecOPS focuses on systems engineering support and architecture of security related products and interfaces; installation of security software; and security engineering solutions for the Enterprise as well as individual agency, offices, and mission-critical applications and systems.
In addition, SecOps is responsible for the USDA Enterprise wide incident handling process, serving as the central point of contact for coordination and incident response, develops, maintains, and implements detailed process and procedures for all phases of the incident handling life cycle.
Compliance, Audits, Policy and Enforcement (CAPE) has responsibility for the day-to-day compliance and oversight of the USDA Security Program as outlined by the Federal Information Security Modernization Act of 2014 (FISMA) and Office of Management and Budget (OMB) mandates. CAPE provides oversight mechanisms, monitoring and reporting on departmental compliance with federal policies. Charged with oversight of the accreditation and authorization of USDA systems through USDA’s Risk Management Framework (RMF), CAPE systematically evaluates over 750 IT systems (including approximately 300 FISMA-reportable systems) to ensure the ongoing security, interoperability, and availability of these systems. Additionally, CAPE develops compliance reports (e.g., agency scorecards, etc.), coordinates responses to audit and data calls, and works with over 34 agencies and staff offices on cyber security matters.