Blogs
If you're interested in the latest industrial security trends and topics, then you'll want to hang out here a while.
Seamless NISPOM Compliance with Access Commander and Deltek Products
The National Industrial Security Program Operating Manual (NISPOM) defines security standards that must be followed by U.S organizations (government and corporate) with access to classified information. Among other things, the NISPOM provides guidelines to: • Ensure proper clearance for access to classified information• Provide adequate security training/briefings to personnel• Regulate outgoing and incoming visits to…
Read More
Why Facility Breaches Happen, and How to Prevent Them
In July of 1982, a British man named Michael Fagan climbed a drainpipe in London, broke into Buckingham Palace, and triggered several alarms on the premises. Readers might imagine that he was quickly spotted and apprehended by the Queen’s Guard; that Scotland Yard was called onto the scene before quickly apprehending and arresting the intruder.…
Read More
The Future of FISMA and Security Standardization in the U.S.
As 2018 draws to a close, it’s a good time to reflect on cybersecurity compliance. This year has seen a rise in mobile threats, ransomware, data breaches, and increased focus on the energy sector, which has been the target of foreign attacks. Thankfully it’s not all bad news: as the pressing need to protect the nation’s infrastructure and consumer…
Read More
Enterprise Security Management in the Cloud
Background When Amazon Web Services was proposed in 2003 by Benjamin Black, it had already been a year since the U.S Government completed its effort to create and finalize the Federal Information Security Management Act (FISMA) – which defined IT security across public agencies and partners. This update to U.S. law had taken fifteen years to supplant the aging…
Read More
SEAD 3 and Travel-Reporting Requirements for Cleared Personnel
In 2017 the Director of National Intelligence (ODNI), acting in its capacity as the Security Executive Agent (SecEA), announced a third revision to the Security Executive Agent Directive (SEAD), now known as SEAD 3. Although announced last year, some agencies have only achieved full compliance with SEAD 3 within the last few months. Aiming to reduce insider…
Read More
9 Tips for Improving the Clearance Process
In the past decade, it has become clear that the U.S security clearance process is in a state of crisis. Security clearances are required by all federal employees or employees of cleared contractors with access to classified information – those who need it range from janitors to senior management, and as of 2017, 700,000 individuals were in…
Read More
Insider Threats: Why They Happen and How to Prevent Them
In 2014, Sony was ostensibly held ransom by North Korean attackers calling themselves the ‘Guardians of Peace’ in retaliation against anti-DPRK film The Interview. The incident made headlines around the world, along with chilling images left across company screens depicting a skeleton and links to the publicly leaked data. It was a sensation that gave The Interview more attention than…
Read More
Navigating and Complying with CUI Requirements
The essential prerogative of the U.S. Department of Defense (DoD) is to regulate national security, and a large part of that function entails keeping the wrong information out of the wrong hands and safely sharing it with authorized government agencies and partners. This latter aspect of DoD is commonly designated in pop culture as “classified…
Read More
2018 Client Appreciation Dinner
On May 1st, we hosted our highly-anticipated annual client appreciation dinner in Northern Virginia. Timed to take place during the popular IMPACT conference in Chantilly, our customers joined us for an evening of dinner, drinks, and door prizes at Chantilly National Golf and Country Club in Centreville. At MathCraft, we treasure our clients and were…
Read More