blog01

There is no denying the threats focused on small and medium-sized businesses from intentional and accidental Insiders. I want you to think about what you’re doing to mitigate those threats and that shapes the perception of your company to would be partners, especially those in the Defense Industry. Before you even get considered, big companies are now starting to take a closer look at your Security Programs, especially your efforts to comply with the new NISPOM Change 2 Insider Threat requirements.

There are many reasons for this new focus on your security, but much of it is based on the big companies realizing they will likely have to give you access to their network to facilitate timely accounting and timekeeping efforts. Even non-CDCs, give Subs access to their network. Remember Target in 2013? Their HVAC company was given restricted access to a small piece of their network….. The smart hackers knew Target had great network security but were able to ride the coattails of the HVAC company who was given access through their firewall.

SO WHAT CAN YOU DO?

I had a conversation recently with a VP of Security for a large Cleared Defense Contractor and they said their organization’s biggest Security concern is NOT with their own Insider Threat programs. Rather, what keeps them up at night are the Insider Threat risks posed by the 350+ small-medium sized companies they team with on government and commercial contracts.

They have a very robust Insider Threat Program and even had an Insider Threat Vulnerability Assessment (ITVA) conducted by our partners at Carnegie Mellon University’s SEI CERT Insider Threat Center.

sei_partner_network_black-1-300x78

They learned from the experts how to identify and mitigate Insider Threats. One of main focuses of the ITVA is to ensure your Trusted Business Partners have the same Insider Threat standards you have….. You are letting them into your business’ most sensitive areas, right?

Our conversation included the benefits of Quortum ITVA for a small-medium company, noting that it would be a clear differentiator, showing they understand the threats posed by insiders and are taking steps to mitigate them.  Quortum has a close partnership with CERT and as a Partner, we provide the same Insider Threat Vulnerability Assessments but focused and scaled to fit every small and medium-sized company’s budget.

flochart6c-300x231

So, listen to the people who are directly influencing Teaming and Business Development Decision-Makers, contact Quortum and we’ll help you show the big dogs you know how to protect your business…. and theirs…..