Cyber Risk Collaboration and Knowledge Tool (CRiCKeT)

Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: 70RSAT19C00000022
Agency Tracking Number: FY19.1-H-SB019.1-006-0010-I
Amount: $149,947.99
Phase: Phase I
Program: SBIR
Solicitation Topic Code: H-SB019.1-006
Solicitation Number: FY19.1
Timeline
Solicitation Year: 2019
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-06-03
Award End Date (Contract End Date): 2019-12-02
Small Business Information
17 Normandy, Basking Ridge, NJ, 07920-1905
DUNS: 002750680
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 David Fisher
 CTO
 (803) 493-0404
 dfisher@yourcardsolution.com
Business Contact
 David Fisher
Title: CTO
Phone: (803) 493-0404
Email: dfisher@yourcardsolution.com
Research Institution
N/A
Abstract
Knowledge is empowering! Organizations equipped with timely cyber risk and defense knowledge are in a much better position to properly quantify and react to cyber risks. Surprisingly, many organizations are still poorly prepared with the needed information, experiences, and best practices to effectively combat sophisticated cyber threats.The Cyber Risk Collaboration & Knowledge Tool (CRiCKeT) is an extensible information sharing framework that serves as both knowledge base and collaboration tool. By encouraging collaboration among like-minded organizations, cyber defense and remediation strategy and tactics become much more attainable.As part of this SBIR Phase I, CardSmart Technologies will define the requirements and complete the initial design and architecture for CRiCKeT. The proposed approach is to select a ready-made core framework to provide the basic operations for populating a knowledge repository, peer collaboration, user provisioning, tablet/mobile support, and other fundamental application building blocks. This core is then augmented with enriched functionality which may include threat modeling, machine-learning-assisted risk scoring, predictive alerts, advanced cataloging and support of rich artifacts (source code, logs, config data, VMs/containers, etc.). This "select and extend" strategy will yield a finished system sooner, at a lower cost with less development risk.Phase I will advance the system design to the point where a table top demonstration can be prepared.This will give stakeholders a glimpse at the art-of-the-possible. The system architecture will then be carried forward to Phase II for full scale development and deployment.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government