MathCraft Newsletter Issue Q3 2020 – Associate Member of NCMS
Security Under Lockdown: The FSO in Times of Crisis
2020 is a time of crisis for federal agencies and contractors. With an upcoming election, impending changes to security legislation and an ongoing pandemic that has forced organizations to expand their remotely employed workforce, this year has confronted them with an onslaught of uniquely difficult challenges.
During this struggle, MathCraft stands alongside FSOs and other security officers who fight at the front line of our nation’s battle against foreign and domestic threats. In this edition of our quarterly newsletter, we focus on developments in national security during the COVID-19 lockdowns, and how to survive them.
Hackers Target Teleworking Feds – consistent with early warnings from security experts, cybercriminals have targeted federal employees working remotely during the COVID-19 lockdowns. Read More
DoD Wants Remote Workers to Be Able to Access Classified Information – the Defense Department is steadily working to provide remote employees and teleworkers access to classified data through its Commercial Virtual Remote collaboration environment, aiming for Impact Level 5 protection by the end of 2020. Read More
NSA Takes Rare Steps to Support Telework, Remote Work – in a significant change from precedent, the National Security Agency (NSA) has followed in the DoD’s footsteps by seeking to provide remote employees with access to mission data through an unclassified cloud environment. Read More
With Many Federal Employees Working from Home, Cybersecurity Experts Look to Beef Up Defenses – widespread remote employment has introduced many new cybersecurity challenges to the workplace, prompting many to call for rapid IT modernization throughout the federal government. Read More
CMMC Rule Change ‘Undeterred’ by Pandemic; Requirements Coming Soon – the Defense Department has no plans to postpone the Cybersecurity Maturity Model Certification (CMMC); after an update to DFARS that is expected in October, CMMC-compliance will be listed as a requirement on future RFPs. Read More
Managers Who Stay Connected to Remote Employees Could Reduce Insider Threats, State Official Says – managers should carefully monitor their remote personnel for stress and isolation to combat increased insider threats says director of the State Department’s Insider Threat Program Jacqueline Antiles. Read More
Defense Contractors Must Wait Months for COVID-19 Reimbursements – according to the Pentagon’s top weapons buyer, companies in the defense industry may have to wait longer than 5 months for reimbursement related to COVID-19 costs incurred between March and September of this year. Read More
NSA Offers Tips to Limit Location Data Exposure – location services available on remote endpoints are easily targeted by malicious actors. In a recent report, the NSA assesses the scale of this risk, and offers strategies for mitigating exposure. Read More
Researchers Uncover Vulnerabilities in Devices Used at Industrial Facilities – Industrial Control Systems (ICS) remain vulnerable to attacks that threaten critical infrastructure throughout the U.S, according to researchers from Trend Micro. Read More
White House Objects to Senate Security Clearance Reforms – on the basis of security concerns, the White House has joined OBM officials in objecting to Senate-passed legislation which would allow clearance seekers to challenge revoked or denied clearances. Read More
Nearly Half of Security Clearance Holders Now Under Continuous Evaluation – The DCSA continues to make progress on security clearance processing times and enrolling new applicants into its Continuous Evaluation (CE) program. Read More
Security Clearance Reformers Tout Progress Amid COVID-19 – The federal government is in the midst of the biggest overhaul of the security clearance process in the program’s 50-year history, and COVID-19 is pushing some of those reforms along. Read More
DoD, IC Juggling Telework, Workforce Flexibilities to Accomplish Classified Work – Every agency has struggled with how to adapt to the maximum telework environment the federal government has been operating under since March. Read More
Staying Secure Under Lockdown
Remote endpoints – including all work-related devices outside your organization’s physical location – are being targeted by hackers every day. Make sure that your employees follow the NSA’s tips to keep PCs, smartphones and other remote devices safe:
- Use a virtual private network (VPN) to securely access organizational resources without compromising location or identity
- Disable location services on all your remote devices
- Avoid applications that heavily depend on location data (examples include maps, compasses or fitness apps)
- Use airplane mode when you are not accessing the Internet; disable Bluetooth and WiFi whenever possible
To protect cleared facilities effectively, FSOs need the cooperation of everyone in their organization. The same is true when it comes to defending its digital boundaries which are geographically extended under lockdown.
Be Ready for CMMC
FSOs in the defense sector may be worried about their next audit, but now they have a new challenge to contend with: over a year since it was first announced, the Cybersecurity Maturity Model Certification (CMMC) will finally be taking effect in October, following a change to DFARs. While the CMMC provides lenience through its 5-layers of cybersecurity, it also requires that contractors submit to a third-party review for compliance.
Based in large part on NIST 800-171, the CMMC expands compliance requirements to second and third-party businesses providing vital services to a Defense contractor. Consequently, the CMMC’s requirements will soon be extended to a much larger group of businesses than those working directly with the DoD. Learn how MathCraft’s technology solutions can help your business to fully comply with DFARs, NISPOM, and CMMC.
Report Foreign Travel Painlessly with Access Commander
The year 2020 hasn’t been great for vacationing. But since the start of August, the world tourism industry has shown slow signs of recovery, and on Thursday, August the 6th, the U.S Department of State finally lifted its International Travel Advisory warning U.S citizens to stay at home amidst the global coronavirus epidemic.
In any case, if you or any personnel in your organization are planning to leave the country, the Director of National Intelligence (ODNI) wants to know about it. For FSOs, it is more important than ever to understand foreign travel reporting requirements which are covered under “counterintelligence” as defined by DCSA. Read More
Access Commander is optimized for ease-of-access, providing comprehensive functionality for governance and oversight via 24 modules and convenient dashboards. Whether managing personnel, contracts, facilities or your insider threat program, finding and shifting between modules is a cinch. We’ve made the process of information retrieval even easier with data “drilldown” features integrated across the Access, ViSi and Portal Commander products.
Visit our blog to learn more about data drilldown, and how it makes an FSO’s job just a little bit easier.
MathCraft Security Technologies, Inc. is the leading provider of innovative software and technologies for Industrial Security professionals. Our tools are compliant with 32 CFR Part 117, NISPOM Rule and are available on-premises or in the cloud. Contact us today to see how our products can transform your security operations!
NCMS Endorsement/Disclaimer: References to commercial products, processes, or services do not necessarily constitute an endorsement by NCMS Inc. The opinions and views expressed on this email and on any linked web sites do not necessarily reflect those of NCMS.
© 2022 MathCraft Security Technologies, Inc. All Rights Reserved.
44121 Harry Byrd Highway, Suite 200, Ashburn, Virginia 20147
703-729-9022, info@mathcraft.com
Quick Links
MathCraft offers the most comprehensive industrial security software in the industry. Our products are compliant with 32 CFR Part 117, NISPOM Rule, and are available on-premise or in the cloud!
