MathCraft Celebrates Cybersecurity Awareness Month

Each year in October, the Cybersecurity & Infrastructure Security Agency (CISA) and National Cybersecurity Alliance (NCA) team up to promote cyber awareness for a wide range of industry topics in what’s known as Cybersecurity Awareness Month. During this time, cybersecurity training, marketing ads, and events take place to provide education on today’s threats, solutions, and…

Read More

Governance, Risk, and Compliance: How Access Commander is Effective for Both Security and Compliance

Facility Security Officers (FSOs) are tasked with essential responsibilities in maintaining data security and integrity while ensuring their organization meets compliance requirements. With the cybersecurity landscape being tenser than ever, government agencies are demanding more from their contractors to deploy security controls, enforce governance policies, and report for audit purposes.   Having to oversee cybersecurity, facility…

Read More

The GCC High Preparation Guide

Everything You Need to Know Plus Answers to FAQs Between constant national-security compliance updates, the increase in cybersecurity incidents, and the need for cleared personnel to remotely access network resources such as applications or sensitive data, there had to be a solution available that balances user accessibility with security and compliance.  Those demands prompted the…

Read More

What is Foreign Ownership, Control, or Influence (FOCI) & How Does it Impact Security Compliance?

Foreign Ownership, Control, or Influence (FOCI) is a status or situation in which a contractor with access to classified information has some foreign investment or association with foreign interest. It’s used by the Defense Counterintelligence and Security Agency (DCSA) to manage our national security interests without denying defense contractors, specifically those with foreign interests, access…

Read More

What is the Zero Trust Security Model

The Zero Trust Security Model, coined just over a decade ago, is a framework organizations can use to construct or enhance their cybersecurity program. It was formulated by considering the modern-day infrastructure challenges that now consist primarily of cloud and hybrid environments — making it difficult to define precisely where a network of servers, applications,…

Read More

Infographic: The Story of MathCraft

Winter 1980: With a background in computer science, Imo Etuk leaves a prominent defense contractor to start a consulting business. After seeing the chaos surrounding the management of security clearances, MathCraft – named for the algebraic precision needed to design enterprise architecture – is born. Spring 1992: The MathCraft team is invited to a military…

Read More

The Log4Shell Exploit in Retrospect: 3 Takeaways for FSOs

The holiday seasons have become a perilous time for government agencies and cleared facilities: while everyone else is wrapping gifts, cyber actors are ramping up their malicious activities – and the 2021 holiday season was no exception. At the beginning of December 2021, the Apache Software Foundation disclosed a remote code execution (RCE) vulnerability in the popular…

Read More

What’s New in 2022? Security Predictions for Cleared Facilities

2021 was an eventful year for cleared facilities, bringing new federal security legislation driven by changing trends in technology and the workforce. With rising cybersecurity threats and international conflict on the horizon, 2022 is shaping up to be just as disruptive, and FSOs must be prepared. Today, FSOs stand at the front line of America’s…

Read More

Everything FSOs Need to Know About CMMC 2.0

In November 2021, the Department of Defense (DoD) introduced a major update to the Cybersecurity Maturity Model Certification (CMMC): CMMC 2.0. According to the original announcement, this update included significant changes from the previous version of CMMC (1.02), including reduced dependence on third-party assessment, and the elimination of security controls unique to CMMC. In December 2021,…

Read More

Cybersecurity Awareness Month: Zero Trust Security and Insider Threats

Following the SolarWinds attack in December of 2020  – and the Colonial Pipeline attack 5 months later – the government has been working overtime to stem the tide of threats to America’s national security. In May 2021, the White House issued Executive Order (EO) 14028, with a long list of reforms intended to strengthen cybersecurity across federal agencies. Now, some of…

Read More