The GCC Preparation Guide

Photo of a phone, with technology and the cloud that representation of GCC Government Community Cloud

Between constant national-security compliance updates, the increase in cybersecurity incidents, and the need for cleared personnel to remotely access network resources such as applications or sensitive data, there had to be a solution available that balances user accessibility with security and compliance. This prompted the creation of Microsoft 365 Government Community Cloud (GCC) just a…

Read More

Top Seven DCSA Training Requirements for FSOs

Because of the magnitude involved in working with classified information about our national security, the Defense Counterintelligence and Security Agency (DCSA), in conjunction with the National Industrial Security Program Operating Manual (NISPOM), has set numerous submission and sponsorship standards to acquire and maintain a Facility Security Clearance (FCL). Arguably, one of the most tedious is the DCSA…

Read More

Safer Federal Workplace – Why Screening is Getting More Difficult

Whether you’re talking about individual facility security teams or the Federal Protective Service as a whole, there’s no question that their responsibilities for screening federal buildings are becoming exponentially challenging. The constantly evolving landscape of new threats, risks, and patron expectations puts these teams in formidable positions of trying to reactively create a safer federal…

Read More

Federal Contractors: How SEAD 3 Helps with New Reporting Guidance

As part of a way to mitigate against evolving insider threats to national security information, the Defense Counterintelligence and Security Agency (DCSA) implemented the Security Executive Agent Directive 3 — commonly referred to as SEAD 3. The directive, which became effective June 12th, 2017, created reporting requirements for defense contractors and employees who have access to classified information.…

Read More

How FSOs Can Manage Cybersecurity

While Facility Security Officers (FSOs) aren’t traditionally responsible for managing an organization’s cybersecurity program, their role in protecting national security information and overseeing facility access control systems often puts them in line with the duties of a Chief Information Security Officer (CISO). Managing facility and cybersecurity have become blended today as cyber-attacks become more sophisticated…

Read More

How Insider Threats are Evolving in 2022

In the midst of a rising cybersecurity crisis, it’s worth keeping one thing in mind: the best way to infiltrate an organization is from the inside. With experts estimating that two out of every three data breaches are caused by insiders, insider threats remain a major concern for cleared organizations, demanding constant vigilance and alertness from facility security…

Read More

The Log4Shell Exploit in Retrospect: 3 Takeaways for FSOs

The holiday seasons have become a perilous time for government agencies and cleared facilities: while everyone else is wrapping gifts, cyber actors are ramping up their malicious activities – and the 2021 holiday season was no exception. At the beginning of December 2021, the Apache Software Foundation disclosed a remote code execution (RCE) vulnerability in the popular…

Read More

What’s New in 2022? Security Predictions for Cleared Facilities

2021 was an eventful year for cleared facilities, bringing new federal security legislation driven by changing trends in technology and the workforce. With rising cybersecurity threats and international conflict on the horizon, 2022 is shaping up to be just as disruptive, and FSOs must be prepared. Today, FSOs stand at the front line of America’s…

Read More

Everything FSOs Need to Know About CMMC 2.0

In November 2021, the Department of Defense (DoD) introduced a major update to the Cybersecurity Maturity Model Certification (CMMC): CMMC 2.0. According to the original announcement, this update included significant changes from the previous version of CMMC (1.02), including reduced dependence on third-party assessment, and the elimination of security controls unique to CMMC. In December 2021,…

Read More