Cybersecurity Awareness Month: Zero Trust Security and Insider Threats

Following the SolarWinds attack in December of 2020 – and the Colonial Pipeline attack 5 months later – the government has been working overtime to stem the tide of threats to America’s national security. In May 2021, the White House issued Executive Order (EO) 14028, with a long list of reforms intended to strengthen cybersecurity across federal agencies. Now, some of…

How Cleared Organizations Should Prepare for Supply Chain Attacks

Following the SolarWinds attack in December of 2020, regulators have been pushing for stricter supply chain risk management (SCRM) practices across federal organizations, beginning with a list of recommendations from the Government Accountability Office (GAO). But since the publication of this list, it has become clear that agencies are struggling to comply in a timely way. In response, the…

FSOs in a New Age of Counterterrorism

Terrorism as a global phenomenon is winding down. According to the Global Terrorism Index (GTI), the number of worldwide terror attacks has been on the decline since 2014. But now, U.S. policymakers are turning their attention to the rise of “domestic terrorism” incidents around the country, which could lead us into a new era of counterterrorism efforts.…

Defending Against Cyberattacks: The FSO’s Perspective

Two weeks ago, news broke of a ransomware attack on Colonial Pipeline, the largest provider of natural gas across the Eastern United States. In response, the company temporarily shut down its 5,500-mile pipeline extending from Houston, TX to Linden, NJ. In the aftermath, gas stations experienced shortages as customers stocked up, and the price of gas increased…

What Does the New NISPOM Rule Mean for Federal Contractors?

On December 21st, 2020, the Department of Defense (DoD) issued a final rule concerning the National Industrial Security Program Operating Manual (NISPOM). The rule not only incorporates NISPOM into the Code of Federal Regulations (CFR), but it also introduces several new provisions. Most importantly for FSOs, NISPOM now includes the reporting requirements established by Security Executive Agent…

To Detect Insider Threats, Give Your Employees Channels to Report Them

On September 21st, 2001, senior analyst for the Defense Intelligence Agency (DIA) Ana Belén Montes was arrested and charged with conspiracy to commit espionage against the United States for the government of Cuba. Prosecutors alleged that her clandestine activities were directly responsible for an attack on U.S. Army forces in El Salvador which led to the death of…

FSO Tip of the Month: Meet DCSA Counterintelligence Requirements

The Defense Counterintelligence and Security Agency (DCSA) took off running after it was established to replace the Defense Security Service (DSS) in 2019. Since then, it has taken on 95% of background investigations for the U.S. government while working to create new security standards for federal agencies and contractors associated with the Department of Defense…

The State of Federal Security: What Contractors Should Know During Cybersecurity Month

October is the scariest month of the year, but not because of Halloween. While the rest of the nation prepares for trick-or-treaters, during October the government observes National Cybersecurity Awareness Month (NCAM) to remind agencies of the scariest danger facing Americans today: cyber-threats. According to Federal CIO Grant Schneider, the U.S. government has “come a long way” in cybersecurity…

How Portal Commander is Readying Organizations for the Future of Compliance

Staying NISPOM compliant has always been difficult – but when SEAD 3 went into effect in 2017, the standard for security became more than just compliance. Now, organizations must play an active role in monitoring themselves, their employees, colleagues, and associates. With Portal Commander, we can help. Modern Threats Despite popular belief, the modern FSO knows…

DSS Risk Assessment: Terminology Defined and Steps Explained

In accordance with Executive Order 12829, the Defense Security Service (DSS) administers and implements the defense portion of the National Industrial Security Program (NISP). To this end, it publishes the DSS Assessment and Authorization Process Manual (DAAPM) providing a comprehensive Risk Management Framework (RMF) for government agencies and their partners. In June of last year,…