Physical Facility Security for Cybersecurity
Physical facility security controls are essential for effective cybersecurity and export compliance programs. A facility’s threat matrix pertains not only to human centered activities but also include environmental effects such as flooding and earthquakes. It also includes factors that support a facility such as electrical power and HVAC. NIST SP 800-12 An Introduction to Computer Security: […]
U.S. Reexport Regulations – ITAR and EAR
U.S. reexport regulations can apply to certain goods and technologies that fall under the jurisdiction of the ITAR and EAR. Exporters are therefore responsible for ensuring that all legal requirements are met when engaging in reexports. Reexport and Retransfer Requirements Under the ITAR Reexport under the International Traffic in Arms Regulations (ITAR) 22 CFR § […]
Developing MIL-STD-810 Test Programs
Properly developing MIL-STD-810 test programs provides accurate evaluations of a product’s capability to withstand climatic and dynamic stresses that occur in the expected life cycle of a product. Failure to perform this important step can lead to inaccurate evaluations, product development delays, and field failures. MIL-STD-810 Department of Defense Test Method Standard MIL-STD-810, Environmental Engineering Considerations […]
Business Travel Export Licensing Requirements
Business travel export licensing requirements should be considered before planning your next trip abroad. This is especially the case if your organization is involved in the export of commodities or technology that are controlled by export regulations. In these cases, it may be necessary to obtain an export license, exemption, or exception before booking your […]
Facility Security Management for Cyber and Export
Image by freepik Facility security management requires access control systems to manage who can enter or use resources in physical or digital environments. These are requirements for both cybersecurity and export compliance programs. Security Requirements for NIST SP 800-171 NIST SP 800-171 provides guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. […]
Prevention of Counterfeit Parts in AS9100
Photo by Sascha Klement AS9100D calls for the prevention of counterfeit parts in the manufacture of aviation, space, and defense products. The standard defines counterfeit as “An unauthorized copy, imitation, substitute, or modified part (e.g., material, part, component), which is knowingly misrepresented as a specified genuine part of an original or authorized manufacturer.” Section 8.1.4 […]
FEMA IT Employees Fired for Incompetence
Image by vectock on Freepik FEMA IT employees have been fired by Security Secretary Kristie Noem due to significant cybersecurity failures that compromised the agency’s networks. Deficiencies were discovered during a routine cybersecurity conducted by the Department of Homeland Security (DHS) Office of the Chief Information Officer (OICO). These failures included severe lapses in security […]
BIS Eases Syria Sanctions
Image by natanaelginting on Freepik The Bureau of Industry and Security (BIS) eases Syria sanctions in an effort to increase U.S. involvement in rebuilding the country. As stated in Executive Order 14312 the U.S. supports unification and stability of a peaceful Syria. This order will allow the export to Syria of U.S. origin goods, software, […]
NIST Selected to Head NSTC
Photo by Pachon in Motion The U.S. Department of Commerce announced that NIST has been selected to head the National Semiconductor Technology Center (NSTC). This action follows the Department’s voiding of up to $7.4 billion in funding for NATCAST claiming it was established illegally and did not comply with federal law. The Department of Commerce […]
Voluntary Self Disclosure (VSD) Requirements
Picture by Drazen Zigic Voluntary Self Disclosure (VSD) is required if a person or organization believes they may have violated export control regulations. This disclosure can be seen as a mitigating factor when determining penalties for any violations that may have occurred. Export Regulatory Agencies ITAR (International Traffic in Arms Regulations) and EAR (Export Administration […]