If you're a federal contractor, your reporting requirements just changed -- dramatically.  The days of perhaps one report to security per employee every year is over. 

Security Agent Executive Directive 3 (SEAD 3) just dropped from our friends at the Office of the Director of National Intelligence (DNI). SEAD 3 became effective June 12, 2017 and requires contractors holding sensitive positions or who have access to any type of classified information to report a variety of life events, including all non-work related foreign travel and substantive foreign contacts to their local security office. 

This is well beyond the NISPOM or security clearance reporting we're used to and the time to get smart on it is now. Keep reading to learn more. 

SUMMARY:

The Defense Security Service (DSS) is planning a completely new way of thinking about industrial security and the NISPOM. Are you ready? The infographic below highlights a few things cleared federal contractors need to do to begin adapting to "DSS in Transition" (DiT).

John Dillard and ThreatSwitch were featured in a recent interview by StartCharlotte:

The following information was retrieved via Amazon Press Releases:

Security threats to organizations can be broadly categorized into external threats and insider threats. An external actor usually must do some leg work or research to first identify, then figure out how to take advantage of, an organization’s weaknesses. They are not a member of the organization, so they must either hide their presence or force their way through existing defenses and then get out quickly. On the other hand, an insider not only has special knowledge of his or her organization’s weaknesses, but is also wearing “team colors.” As a trusted member of the organization, it is less likely that their activities will arouse suspicion.

An insider threat is one of the greatest dangers you can face at your federal agency.

According to EY's 2015 Global Information Security Survey, the overwhelming majority of businesses today believe their security protocols related to insider threat are not up to standard. So why is it that insider threat programs rarely get the funding needed? While building an insider threat program is on the agenda for most companies, it normally doesn’t make it to the top of the priority list. One of the top three reasons Insider Threat Programs don’t receive funding is due to LACK OF EXECUTIVE AWARENESS OR SUPPORT. Gaining executive buy-in and sponsorship can be the biggest hurdle to resourcing the level of security your company needs. It’s up to you to ensure your leadership is aware of the facts about insider threat, and why now is the time to do something about it.

Does your company have a classified U.S. Government contract? Do you and your staff currently hold a Facility Security Clearance (FCL)? If so, there is no policy change more vitally important to the success of your business than Conforming Change 2 of the National Industrial Security Program Operating Manual (NISPOM).

No matter the size, all financial institutions are at risk of harm at the hand of their own employees.

“How am I doing?” Four simple words too often overlooked by insider threat programs. Senior leaders need to know how your insider threat program is doing, no matter how ugly the facts are, in order to make informed risk decisions. And according to a survey published by the SANS institute in April of 2015 the numbers might be especially ugly for government agencies that often are slow to detect and respond:

When our team thinks about the goals of ThreatSwitch, it is to make the tough job of a security manager a little bit easier. That goal starts even before a security manager logs in, when the question arises "What do I need to get done today?" In order to help answer that question, we're releasing the first version of the ThreatSwitch Inbox.

As the government moves towards increasingly using Continuous Evaluation to expedite the investigation, ThreatSwitch has you covered. You can now mark personnel as Continuous Evaluation, filter based on that flag, and run exports based on that information.

Wrestling with Excel is so exhausting. Sometimes you would love to have the exact data that you're looking for without having to create tables and sort and filter. With our latest exports, you can query the exact data you need directly in ThreatSwitch and our enhanced reports will provide you with that perfect slice of data.

Contracts are an essential part of organizing security compliance. Now in ThreatSwitch you have the tools to better organize and sort your contracts by assigning contracts as "Prime" or "Subcontract"

We're also excited to announce that you can now control when welcome emails are sent. This should be helpful for customers who want to send a formal internal communication before employees receive login credentials.

We've implemented a couple of design changes to make ThreatSwitch easier-than-ever to use. You'll notice that a slew of small changes that should add up to make navigating in ThreatSwitch a more enjoyable experience.

Managing contracts based on your personnel is an integral component of your NISPOM compliance. ThreatSwitch's tools just got a bit more powerful by enabling security managers to link individual employees to contracts. You can filter down your personnel lists by contract, and assign training based on different contracts as well.

Suffering from information overload? We've introduced smart filtering in our table views to help.  Narrow down your results by a specific CAGE code, status, role, risk score, and more.

Big news from NCMS . . . user provisioning for DISS will begin this week with users who are KMPs and FSOs. Look for the notice coming your way. It's critical that you get your account cleaned up and ready to go. For more information click here.

Another busy week from down here in the ThreatSwitch boiler room: We've added several new features, streamlined old ones, and addressed a few tricky bugs.

As it turns out, we do need badges.  Fortunately, we're here to help:  The latest version of ThreatSwitch includes Badge Management (as well as a whole lot of enhancements and bug fixes)!

When our team thinks about the goals of ThreatSwitch, it is to make the tough job of a security manager a little bit easier. That goal starts even before a security manager logs in, when the question arises "What do I need to get done today?" In order to help answer that question, we're releasing the first version of the ThreatSwitch Inbox.

As the government moves towards increasingly using Continuous Evaluation to expedite the investigation, ThreatSwitch has you covered. You can now mark personnel as Continuous Evaluation, filter based on that flag, and run exports based on that information.

Wrestling with Excel is so exhausting. Sometimes you would love to have the exact data that you're looking for without having to create tables and sort and filter. With our latest exports, you can query the exact data you need directly in ThreatSwitch and our enhanced reports will provide you with that perfect slice of data.

Contracts are an essential part of organizing security compliance. Now in ThreatSwitch you have the tools to better organize and sort your contracts by assigning contracts as "Prime" or "Subcontract"

We're also excited to announce that you can now control when welcome emails are sent. This should be helpful for customers who want to send a formal internal communication before employees receive login credentials.

We've implemented a couple of design changes to make ThreatSwitch easier-than-ever to use. You'll notice that a slew of small changes that should add up to make navigating in ThreatSwitch a more enjoyable experience.

Managing contracts based on your personnel is an integral component of your NISPOM compliance. ThreatSwitch's tools just got a bit more powerful by enabling security managers to link individual employees to contracts. You can filter down your personnel lists by contract, and assign training based on different contracts as well.

Suffering from information overload? We've introduced smart filtering in our table views to help.  Narrow down your results by a specific CAGE code, status, role, risk score, and more.

Another busy week from down here in the ThreatSwitch boiler room: We've added several new features, streamlined old ones, and addressed a few tricky bugs.

As it turns out, we do need badges.  Fortunately, we're here to help:  The latest version of ThreatSwitch includes Badge Management (as well as a whole lot of enhancements and bug fixes)!

Another day, another update!  The development team has been hard at work to deliver a fresh batch of features.

If you're a federal contractor, your reporting requirements just changed -- dramatically.  The days of perhaps one report to security per employee every year is over. 

Security Agent Executive Directive 3 (SEAD 3) just dropped from our friends at the Office of the Director of National Intelligence (DNI). SEAD 3 became effective June 12, 2017 and requires contractors holding sensitive positions or who have access to any type of classified information to report a variety of life events, including all non-work related foreign travel and substantive foreign contacts to their local security office. 

This is well beyond the NISPOM or security clearance reporting we're used to and the time to get smart on it is now. Keep reading to learn more. 

SUMMARY:

The Defense Security Service (DSS) is planning a completely new way of thinking about industrial security and the NISPOM. Are you ready? The infographic below highlights a few things cleared federal contractors need to do to begin adapting to "DSS in Transition" (DiT).

What's New

• Added an Insider Threat Program Plan (ITTP) template located under the profile menu
• Added username (user display name) and dropdown arrow to the profile menu
• Changed the subject field title to "Who are you reporting on?"on the create new incident screen
• Changed "Watchers" field title to "Reporter" on the create new incident screen
• Replaced dropdown from "Watchers" (reporter) field to current user as default reporter
• Users are now instantly redirected to the login screen upon logout
• Removed all the "Import CSV" buttons from screens which cannot use a CSV to import
• Various other UX/UI Fixes
• Various other bug fixes

John Dillard and ThreatSwitch were featured in a recent interview by StartCharlotte:

If you're in the market for an inspiring article - look no further. You have got to check out John Dillard's interview with Bussiness Collective (YEC). It will open your eyes and motivate you to make yourself and your company the best it can be!

The following information was retrieved via Amazon Press Releases:

By now, you are familiar with the concept of insider threat and the ways in which the methodology outlined in Conforming Change 2 can help identify and mitigate malicious attacks against your company's assets. It goes without saying that blatant disregard for security protocol and obvious signs of employee disgruntlement should be documented and investigated immediately. But in order to reach full compliance (and maximum effectiveness), you can’t stop there! Let’s take a look at section 3-104.b of Industrial Security Letter (ISL) 2016-02:

Dealing with insider threats is a complicated, time-consuming task. With so many potential threats to protect against, you might not know where to begin. Do you start with data, privacy or physical security? How much of your budget should you allocate to each? Before you can answer these questions, you need to know what you’re up against.

There is an ever-growing need to improve your agency’s insider threat detection, recognition and mitigation abilities. New legislation also stresses better organizational security for federal agencies.