Because of the magnitude involved in working with classified information about our national security, the Defense Counterintelligence and Security Agency (DCSA), in conjunction with the National Industrial Security Program Operating Manual (NISPOM), has set numerous submission and sponsorship standards to acquire and maintain a Facility Security Clearance (FCL). Arguably, one of the most tedious is […]
Whether you’re talking about individual facility security teams or the Federal Protective Service as a whole, there’s no question that their responsibilities for screening federal buildings are becoming exponentially challenging. The constantly evolving landscape of new threats, risks, and patron expectations puts these teams in formidable positions of trying to reactively create a safer federal […]
The Zero Trust Security Model, coined just over a decade ago, is a framework organizations can use to construct or enhance their cybersecurity program. It was formulated by considering the modern-day infrastructure challenges that now consist primarily of cloud and hybrid environments — making it difficult to define precisely where a network of servers, applications, […]
As part of a way to mitigate against evolving insider threats to national security information, the Defense Counterintelligence and Security Agency (DCSA) implemented the Security Executive Agent Directive 3 — commonly referred to as SEAD 3. The directive, which became effective June 12th, 2017, created reporting requirements for defense contractors and employees who have access […]
While Facility Security Officers (FSOs) aren’t traditionally responsible for managing an organization’s cybersecurity program, their role in protecting national security information and overseeing facility access control systems often puts them in line with the duties of a Chief Information Security Officer (CISO). Managing facility and cybersecurity have become blended today as cyber-attacks become more sophisticated […]
In the midst of a rising cybersecurity crisis, it’s worth keeping one thing in mind: the best way to infiltrate an organization is from the inside. With experts estimating that two out of every three data breaches are caused by insiders, insider threats remain a major concern for cleared organizations, demanding constant vigilance and alertness […]
The holiday seasons have become a perilous time for government agencies and cleared facilities: while everyone else is wrapping gifts, cyber actors are ramping up their malicious activities – and the 2021 holiday season was no exception. At the beginning of December 2021, the Apache Software Foundation disclosed a remote code execution (RCE) vulnerability in […]
2021 was an eventful year for cleared facilities, bringing new federal security legislation driven by changing trends in technology and the workforce. With rising cybersecurity threats and international conflict on the horizon, 2022 is shaping up to be just as disruptive, and FSOs must be prepared. Today, FSOs stand at the front line of America’s […]
In November 2021, the Department of Defense (DoD) introduced a major update to the Cybersecurity Maturity Model Certification (CMMC): CMMC 2.0. According to the original announcement, this update included significant changes from the previous version of CMMC (1.02), including reduced dependence on third-party assessment, and the elimination of security controls unique to CMMC. In December […]
