MathCraft Newsletter Issue Q4 2019 – Associate Member of NCMS
Get Ready for the 2020s: A Decade of Security Modernization
HAPPY NEW YEAR from MathCraft!
With a decade of advancements in security standards and modernization across the federal government behind us, the next ten years are shaping up to be just as interesting: In 2019, the DCSA emerged as the government’s newest security agency under the DoD. Using artificial intelligence and machine learning, it managed to reduce the unwieldy clearance backlog – what will it do next?
Now that foreign espionage and insider threats have distinguished themselves as the year’s most potent danger to National Security, the DCSA – along with the rest of the industry – will combat them through a combination of emerging technologies: automation, data analysis and smarter compliance. To survive the next ten years, organizations will have to embrace modernization and stay one step ahead of risk.
Continuous evaluation enrollment will more than double in 2020, DoD says – according to the DCSA, the number of cleared personnel enrolled in continuous evaluation (CE) will reach 3.6 million enrollment by the end of 2020, thanks to a push by the Trump administration Read More
Fatal shootings at US military bases highlight unexpected and growing threat – insiders with access badges – five murders across military installations in Florida and Hawaii remind FSOs that insider threats are very real and very dangerous Read More
Survey: Ransomware Will Continue to Threaten Public Sector Organizations in 2020 – after 30% of federal IT professionals encountered ransomware attacks this year, 80% of them predict that the threat of ransomware will either stay the same or grow in 2020 Read More
Ex-CIA Officer Sentenced To 19 Years For Conspiracy To Spy For China – with ex-CIA officer Jerry Chun Shing Lee’s imprisonment, three espionage cases have linked former U.S intelligence officers to China this year Read More
GSA, NIST look at automation to remove FedRAMP certification hurdles – with the Open Security Controls Assessment Language (OSCAL), the GSA hopes to lay the groundwork for automation that could significantly expedite the review process for vendors seeking FedRAMP certification Read More
Avoiding Vendor Risk
With the release of CMMC, the DoD is cracking down on risk from vendors and product manufacturers. Here’s how you can get a head start:
- Vet business practices before working with any vendor for customer satisfaction and good support
- Verify the quality of secure design by ensuring that their products are certified by bodies like the National Information Assurance Partnership (NIAP) or International Organization for Standardization (ISO)
- Avoid end-of-life products, which will likely lose support and patches for vulnerabilities soon after they are required
- Verify security controls according to NIST RMF principles
Without assessing vendors for risk and continually monitoring their products, foreign governments and other attackers may use them to spy on your organization and threaten National Security.
For more information on this topic, check out our recent blog post, Choosing Better Vendors: How NIST RMF Can Help You Manage IT Risks.
Under the latest edition of the National Industrial Security Program Operating Manual (NISPOM), all cleared facilities are required to maintain an insider threat program to monitor and report suspicious activities.
Within MathCraft’s Access Commander®, FSOs have all the tools they need through the Insider Threat module to:
- Record incidents, investigations and corrective actions all in one place
- Monitor risks and detect patterns in behavior
- Drill down into data using advanced search
- Meet NISPOM criteria for an Insider Threat program comprehensively
In 2019, we witnessed tragic reminders that insider threats are still a reality across major news networks all year. Don’t let your organization be the next victim: take control of your security program today with Access Commander.
Are You Under Attack?In today’s tumultuous industrial security environment, you can’t be a Pollyanna and assume that nothing bad is ever going to happen. It’s best to “hope for the best and prepare for the worst.”
Learn how your organization can thrive under any situation with our latest eBook, Respect. Direct. Protect. Download it now!
MathCraft Security Technologies, Inc. is the leading provider of innovative software and technologies for Industrial Security professionals. Our tools are compliant with 32 CFR Part 117, NISPOM Rule and are available on-premises or in the cloud. Contact us today to see how our products can transform your security operations!
NCMS Endorsement/Disclaimer: References to commercial products, processes, or services do not necessarily constitute an endorsement by NCMS Inc. The opinions and views expressed on this email and on any linked web sites do not necessarily reflect those of NCMS.