Insider Threats
Cybersecurity Awareness Month: Zero Trust Security and Insider Threats
Following the SolarWinds attack in December of 2020 – and the Colonial Pipeline attack 5 months later – the government has been working overtime to stem the tide of threats to America’s national security. In May 2021, the White House issued Executive Order (EO) 14028, with a long list of reforms intended to strengthen cybersecurity across federal agencies. Now, some of…
How Cleared Organizations Should Prepare for Supply Chain Attacks
Following the SolarWinds attack in December of 2020, regulators have been pushing for stricter supply chain risk management (SCRM) practices across federal organizations, beginning with a list of recommendations from the Government Accountability Office (GAO). But since the publication of this list, it has become clear that agencies are struggling to comply in a timely way. In response, the…
FSOs in a New Age of Counterterrorism
Terrorism as a global phenomenon is winding down. According to the Global Terrorism Index (GTI), the number of worldwide terror attacks has been on the decline since 2014. But now, U.S. policymakers are turning their attention to the rise of “domestic terrorism” incidents around the country, which could lead us into a new era of counterterrorism efforts.…
Defending Against Cyberattacks: The FSO’s Perspective
Two weeks ago, news broke of a ransomware attack on Colonial Pipeline, the largest provider of natural gas across the Eastern United States. In response, the company temporarily shut down its 5,500-mile pipeline extending from Houston, TX to Linden, NJ. In the aftermath, gas stations experienced shortages as customers stocked up, and the price of gas increased…
What Does the New NISPOM Rule Mean for Federal Contractors?
On December 21st, 2020, the Department of Defense (DoD) issued a final rule concerning the National Industrial Security Program Operating Manual (NISPOM). The rule not only incorporates NISPOM into the Code of Federal Regulations (CFR), but it also introduces several new provisions. Most importantly for FSOs, NISPOM now includes the reporting requirements established by Security Executive Agent…
To Detect Insider Threats, Give Your Employees Channels to Report Them
On September 21st, 2001, Ana Belén Montes, a senior analyst for the Defense Intelligence Agency (DIA), was arrested and charged with conspiracy to commit espionage against the United States for the government of Cuba. Prosecutors alleged that her clandestine activities were directly responsible for an attack on U.S. Army forces in El Salvador which led to the death of…
FSO Tip of the Month: Meet DCSA Counterintelligence Requirements
The Defense Counterintelligence and Security Agency (DCSA) took off running after it was established to replace the Defense Security Service (DSS) in 2019. Since then, it has taken on 95% of background investigations for the U.S. government while working to create new security standards for federal agencies and contractors associated with the Department of Defense…
The State of Federal Security: What Contractors Should Know During Cybersecurity Month
October is the scariest month of the year, but not because of Halloween. While the rest of the nation prepares for trick-or-treaters, during October the government observes National Cybersecurity Awareness Month (NCAM) to remind agencies of the scariest danger facing Americans today: cyber-threats. According to Federal CIO Grant Schneider, the U.S. government has “come a long way” in cybersecurity…
How Portal Commander is Readying Organizations for the Future of Compliance
Staying NISPOM compliant has always been difficult – but when SEAD 3 went into effect in 2017, the standard for security became more than just compliance. Now, organizations must play an active role in monitoring themselves, their employees, colleagues, and associates. With Portal Commander, we can help.
Modern Threats
Despite popular belief, the modern FSO knows…
DSS Risk Assessment: Terminology Defined and Steps Explained
In accordance with Executive Order 12829, the Defense Security Service (DSS) administers and implements the defense portion of the National Industrial Security Program (NISP). To this end, it publishes the DSS Assessment and Authorization Process Manual (DAAPM) providing a comprehensive Risk Management Framework (RMF) for government agencies and their partners. In June of last year,…