Infographic: The Story of MathCraft

Winter 1980: With a background in computer science, Imo Etuk leaves a prominent defense contractor to start a consulting business. After seeing the chaos surrounding the management of security clearances, MathCraft – named for the algebraic precision needed to design enterprise architecture – is born. Spring 1992: The MathCraft team is invited to a military…

Read More

How Insider Threats are Evolving in 2022

In the midst of a rising cybersecurity crisis, it’s worth keeping one thing in mind: the best way to infiltrate an organization is from the inside. With experts estimating that two out of every three data breaches are caused by insiders, insider threats remain a major concern for cleared organizations, demanding constant vigilance and alertness from facility security…

Read More

The Log4Shell Exploit in Retrospect: 3 Takeaways for FSOs

The holiday seasons have become a perilous time for government agencies and cleared facilities: while everyone else is wrapping gifts, cyber actors are ramping up their malicious activities – and the 2021 holiday season was no exception. At the beginning of December 2021, the Apache Software Foundation disclosed a remote code execution (RCE) vulnerability in the popular…

Read More

What’s New in 2022? Security Predictions for Cleared Facilities

2021 was an eventful year for cleared facilities, bringing new federal security legislation driven by changing trends in technology and the workforce. With rising cybersecurity threats and international conflict on the horizon, 2022 is shaping up to be just as disruptive, and FSOs must be prepared. Today, FSOs stand at the front line of America’s…

Read More

Everything FSOs Need to Know About CMMC 2.0

In November 2021, the Department of Defense (DoD) introduced a major update to the Cybersecurity Maturity Model Certification (CMMC): CMMC 2.0. According to the original announcement, this update included significant changes from the previous version of CMMC (1.02), including reduced dependence on third-party assessment, and the elimination of security controls unique to CMMC. In December 2021,…

Read More

The History of DISS and the Future of Clearance Reform

After more than a decade of preparation, the Defense Counterintelligence and Security Agency (DCSA) finally rolled out the Defense Information System for Security (DISS) this March. Fulfilling a major goal of the Trusted Workforce 2.0 initiative, DISS has risen to replace the Joint Personnel Adjudication System (JPAS) as the Defense Department’s security clearance and access database, solving…

Read More

Cybersecurity Awareness Month: Zero Trust Security and Insider Threats

Following the SolarWinds attack in December of 2020  – and the Colonial Pipeline attack 5 months later – the government has been working overtime to stem the tide of threats to America’s national security. In May 2021, the White House issued Executive Order (EO) 14028, with a long list of reforms intended to strengthen cybersecurity across federal agencies. Now, some of…

Read More

How Cleared Organizations Should Prepare for Supply Chain Attacks

Following the SolarWinds attack in December of 2020, regulators have been pushing for stricter supply chain risk management (SCRM) practices across federal organizations, beginning with a list of recommendations from the Government Accountability Office (GAO). But since the publication of this list, it has become clear that agencies are struggling to comply in a timely way. In response, the…

Read More

How CMMC is Changing Facility Security in 2021

It’s been nearly a year since the Cybersecurity Maturity Model Certification (CMMC) went into effect. Announced by the Department of Defense (DoD) in 2019, the program is an ambitious effort to consolidate security regulations across the Defense Industrial Base (DIB) and supplant the more familiar NIST SP 800-171. Now, implementation is well underway, and the certification…

Read More

FSO Tip: Managing Forms with Portal Commander

Today’s Facility Security Officers (FSOs) have a tough job. Not only must they ensure that their facilities comply with increasingly strict security regulations, but they must also assist with employee training activities, protect classified information, conduct self-inspections, and much more. With so many things to do, FSOs don’t have all day to spend in front…

Read More