New methods needed for addressing insider threats: A roundtable discussion

By |December 28th, 2016|Compliance, Insider threat, KSE|

Tough Insider Threat Problems Identified

Two federal compliance regimens for insider threat will drive improved awareness, but not much more. They are NISPOM Conforming Change 2 regulating cleared DOD contractors, and Executive Order 13587 for Federal government departments and agencies. These standards are significant because they formally recognize the insider threat. However, they will have

Stricter DoD Compliance Regimens: a New Trend?

By |December 27th, 2016|Compliance, DFARS, SMB|

Better shape up fast, civilian!

The CC2 - NISPOM and DFARS compliance updates may lead one to perceive DoD as a bit of a bully, carrying a big stick, as discussed in the previous post. Consider what's probably driving these compliance updates. DoD has recognized a rapidly escalating threat environment and the urgent need to protect

Compliance Regimens! All Stick, and no Carrot!

By |December 19th, 2016|Compliance, DFARS, SMB|

As we know, compliance is said to drive security spending. This is certainly going to be the case for SMB defense contractors due to some updates to two DoD compliance regimens. The required security controls and cyber incident reporting requirements become quite a bit stricter. There is no doubt these regimens are using the "stick" to