With foreign travel, government regulations have remained nebulous. Moreover, as with so many things in industrial security, requirements change dramatically from agency to agency. What may be a vanilla foreign travel questionnaire for the DoD can be a complicated mess in the intelligence community.

One of our major initiatives in 2020 is to improve asset management security and processes. We've quickly learned this is a major problem for industrial security involving the usual headaches - lots of emailing, fuzzy regulations, and long checklists. With such a big and complicated problem that ranges from origination receipt to audits to destruction, we're starting small. So first things first, where are your assets?

When a conversation happens over and over with different customers, it is a good indication of its importance. For our team, that repeated conversation has been about reports, and it has been important to everyone from assistant FSOs to C-suite executives. The bottom line is that easy access to data is the cornerstone of how effective businesses run their security program.

We believe that engaging employees in the industrial security program is an essential part of a healthy and safe reporting environment. But beyond the critical components of insider threat, employees need to be able to quickly know simple things such as the status of an eligibility investigation.

Do you have a list of KMPs you would like to keep organized? What about a group of employees who require a follow-up? Or maybe you need a list of people who are part time? The bottom line is security managers need lots of lists of people and need to be able to quickly view and export those personnel.

ThreatSwitch works with some of the most successful and influential industrial security professionals. Our Partner Perspective series sets out to share their top lessons and insights that you can take away to improve your own program.

For this installment, CEO and Co-Founder of It’s Just Results, Gustav Plato, identifies the top 10 reasons why employees are not applying policies and what you can do to create positive change.

An ongoing challenge for organizations with multiple security managers running their industrial security program is keeping each person informed with their latest tasks and accountable items. ThreatSwitch now helps organize these tasks better by giving you the ability to assign items to individual security managers. Items that can be assigned include reportable information, foreign travel, and outgoing visit requests.

ThreatSwitch works with some of the most successful and influential industrial security professionals. Our Partner Perspective series sets out to share their top lessons and insights that you can take away to improve your own program.

For our inaugural Partner Perspective installment, CEO and Co-Founder of It’s Just Results, Gustav Plato, breaks down the critical need for, and creation of, security policies.

In my career, I have had the privilege of working for and with some of the world's biggest organizations. My employers have included CIA, the US Navy, Deloitte, KPMG, and what is now General Dynamics IT. My current and former clients and customers include a great number of the Fortune 500 and most of the Defense and Intelligence Community. As an Executive in -- and vendor to -- those companies, I have learned a bit about how they deal with security and why it's so tough.

With our latest release, ThreatSwitch has improved the process of gathering information from employees regarding Foreign Travel. These updates allow for employees to easily submit all important pre & post-travel information to their Security Managers. Meanwhile, Security Managers can easily process these reports and take the appropriate actions and next steps.

It’s a tough time to be a compliance executive at a federal contractor. Whether you’re a Chief Compliance Officer, Chief Legal Officer, Chief Security Officer, or VP or Director accountable for compliance, you are faced with a rapidly changing landscape dominated by privacy and security rules.

If you're a federal contractor, your reporting requirements just changed -- dramatically.  The days of perhaps one report to security per employee every year is over. 

Security Agent Executive Directive 3 (SEAD 3) just dropped from our friends at the Office of the Director of National Intelligence (DNI). SEAD 3 became effective June 12, 2017 and requires contractors holding sensitive positions or who have access to any type of classified information to report a variety of life events, including all non-work related foreign travel and substantive foreign contacts to their local security office. 

This is well beyond the NISPOM or security clearance reporting we're used to and the time to get smart on it is now. Keep reading to learn more. 

I was saddened to read about yet another case of an employee at a defense contractor spying for a foreign power. This time it was Monica Elfriede Witt, who wasn’t just some low level clearance-holder like Manning; she had access to some of our most sensitive national security information in her counterintelligence and Special Access Program roles. This is truly a devastating setback.

SUMMARY:

The Defense Security Service (DSS) is planning a completely new way of thinking about industrial security and the NISPOM. Are you ready? The infographic below highlights a few things cleared federal contractors need to do to begin adapting to "DSS in Transition" (DiT).

In my career, I have had the privilege of working for and with some of the world's biggest organizations. My employers have included CIA, the US Navy, Deloitte, KPMG, and what is now General Dynamics IT. My current and former clients and customers include a great number of the Fortune 500 and most of the Defense and Intelligence Community. As an Executive in -- and vendor to -- those companies, I have learned a bit about how they deal with security and why it's so tough.

According to EY's 2015 Global Information Security Survey, the overwhelming majority of businesses today believe their security protocols related to insider threat are not up to standard. So why is it that insider threat programs rarely get the funding needed? While building an insider threat program is on the agenda for most companies, it normally doesn’t make it to the top of the priority list. One of the top three reasons Insider Threat Programs don’t receive funding is due to LACK OF EXECUTIVE AWARENESS OR SUPPORT. Gaining executive buy-in and sponsorship can be the biggest hurdle to resourcing the level of security your company needs. It’s up to you to ensure your leadership is aware of the facts about insider threat, and why now is the time to do something about it.

John Dillard and ThreatSwitch were featured in a recent interview by StartCharlotte:

The following information was retrieved via Amazon Press Releases:

An insider threat is one of the greatest dangers you can face at your federal agency.

Does your company have a classified U.S. Government contract? Do you and your staff currently hold a Facility Security Clearance (FCL)? If so, there is no policy change more vitally important to the success of your business than Conforming Change 2 of the National Industrial Security Program Operating Manual (NISPOM).

With foreign travel, government regulations have remained nebulous. Moreover, as with so many things in industrial security, requirements change dramatically from agency to agency. What may be a vanilla foreign travel questionnaire for the DoD can be a complicated mess in the intelligence community.

One of our major initiatives in 2020 is to improve asset management security and processes. We've quickly learned this is a major problem for industrial security involving the usual headaches - lots of emailing, fuzzy regulations, and long checklists. With such a big and complicated problem that ranges from origination receipt to audits to destruction, we're starting small. So first things first, where are your assets?

When a conversation happens over and over with different customers, it is a good indication of its importance. For our team, that repeated conversation has been about reports, and it has been important to everyone from assistant FSOs to C-suite executives. The bottom line is that easy access to data is the cornerstone of how effective businesses run their security program.

We believe that engaging employees in the industrial security program is an essential part of a healthy and safe reporting environment. But beyond the critical components of insider threat, employees need to be able to quickly know simple things such as the status of an eligibility investigation.

Do you have a list of KMPs you would like to keep organized? What about a group of employees who require a follow-up? Or maybe you need a list of people who are part time? The bottom line is security managers need lots of lists of people and need to be able to quickly view and export those personnel.

An ongoing challenge for organizations with multiple security managers running their industrial security program is keeping each person informed with their latest tasks and accountable items. ThreatSwitch now helps organize these tasks better by giving you the ability to assign items to individual security managers. Items that can be assigned include reportable information, foreign travel, and outgoing visit requests.

In my career, I have had the privilege of working for and with some of the world's biggest organizations. My employers have included CIA, the US Navy, Deloitte, KPMG, and what is now General Dynamics IT. My current and former clients and customers include a great number of the Fortune 500 and most of the Defense and Intelligence Community. As an Executive in -- and vendor to -- those companies, I have learned a bit about how they deal with security and why it's so tough.

With our latest release, ThreatSwitch has improved the process of gathering information from employees regarding Foreign Travel. These updates allow for employees to easily submit all important pre & post-travel information to their Security Managers. Meanwhile, Security Managers can easily process these reports and take the appropriate actions and next steps.

Visitor Access Requests are a regular headache for security managers. It is a cumbersome process to collect all the required information from employees (often over email 😭) then file that to JPAS or to a recipient directly.

As always, ThreatSwitch is here to help.

I was saddened to read about yet another case of an employee at a defense contractor spying for a foreign power. This time it was Monica Elfriede Witt, who wasn’t just some low level clearance-holder like Manning; she had access to some of our most sensitive national security information in her counterintelligence and Special Access Program roles. This is truly a devastating setback.

In my career, I have had the privilege of working for and with some of the world's biggest organizations. My employers have included CIA, the US Navy, Deloitte, KPMG, and what is now General Dynamics IT. My current and former clients and customers include a great number of the Fortune 500 and most of the Defense and Intelligence Community. As an Executive in -- and vendor to -- those companies, I have learned a bit about how they deal with security and why it's so tough.

I was saddened to read about yet another case of an employee at a defense contractor spying for a foreign power. This time it was Monica Elfriede Witt, who wasn’t just some low level clearance-holder like Manning; she had access to some of our most sensitive national security information in her counterintelligence and Special Access Program roles. This is truly a devastating setback.

It’s a tough time to be a compliance executive at a federal contractor. Whether you’re a Chief Compliance Officer, Chief Legal Officer, Chief Security Officer, or VP or Director accountable for compliance, you are faced with a rapidly changing landscape dominated by privacy and security rules.

If you're a federal contractor, your reporting requirements just changed -- dramatically.  The days of perhaps one report to security per employee every year is over. 

Security Agent Executive Directive 3 (SEAD 3) just dropped from our friends at the Office of the Director of National Intelligence (DNI). SEAD 3 became effective June 12, 2017 and requires contractors holding sensitive positions or who have access to any type of classified information to report a variety of life events, including all non-work related foreign travel and substantive foreign contacts to their local security office. 

This is well beyond the NISPOM or security clearance reporting we're used to and the time to get smart on it is now. Keep reading to learn more. 

SUMMARY:

The Defense Security Service (DSS) is planning a completely new way of thinking about industrial security and the NISPOM. Are you ready? The infographic below highlights a few things cleared federal contractors need to do to begin adapting to "DSS in Transition" (DiT).

What's New

• Added an Insider Threat Program Plan (ITTP) template located under the profile menu
• Added username (user display name) and dropdown arrow to the profile menu
• Changed the subject field title to "Who are you reporting on?"on the create new incident screen
• Changed "Watchers" field title to "Reporter" on the create new incident screen
• Replaced dropdown from "Watchers" (reporter) field to current user as default reporter
• Users are now instantly redirected to the login screen upon logout
• Removed all the "Import CSV" buttons from screens which cannot use a CSV to import
• Various other UX/UI Fixes
• Various other bug fixes

John Dillard and ThreatSwitch were featured in a recent interview by StartCharlotte:

If you're in the market for an inspiring article - look no further. You have got to check out John Dillard's interview with Bussiness Collective (YEC). It will open your eyes and motivate you to make yourself and your company the best it can be!

The following information was retrieved via Amazon Press Releases: