For over 25 years, Haystax has been the provider of world-class commercial software products for direct use by individuals in the agencies charged with protecting our communities, cities, and country. Thus, our product is one of the most widely deployed risk management software solutions, used by school, law enforcement, fire, emergency management, and other government agencies across the United States.

Image module

Haystax for School Safety

Haystax meets the constantly evolving challenges of providing safe learning environments for students, faculty, staff, and local security partners by integrating all vital incident and school facility information into a single, online platform.  Physical assessments and behavioral assessments along with the ability to report and monitor incidents on or near campus are hallmarks of Haystax for School Safety.  Know your threats sooner, respond faster, and effectively coordinate actions for all stakeholders.

Image module

Haystax for Public Safety

Law enforcement professionals are called upon daily to perform a broad range of tasks—from routine patrols, intelligence gathering and investigations to major crime and incident responses. Their challenge is to ensure public safety despite incomplete intelligence, limited cross-jurisdictional information sharing, and tight budgets. Haystax helps law enforcement agencies prepare for and respond to any crisis with a dynamic picture of emerging threats, rapid  intelligence-collection and incident-reporting tools, and a seamlessly integrated user environment that  ensures maximum collaboration and analytically sound command decisions for rapid response.

Image module

Haystax for Enterprise Security

Haystax has developed a suite of applications designed specifically to help corporate security decision-makers and analysts navigate this challenging environment. Haystax alerts corporate leaders to their most likely threats and natural hazards, provides critical security and operational information about each physical facility, regardless of its size or geographic location, and allows risk managers to identify and mitigate their biggest vulnerabilities. Moreover, the Haystax platform enables security teams to manage incidents and major events—from the ops center or out in the field.

Equipped with these insights, CSOs can better anticipate their risks, communicate with leadership and limit their company’s exposure to financial, legal and reputational liabilities.

PrevFinding Ana Montes: A Haystax Use Case24 September 2019NextThe Lessons of Umpqua01 October 2019

Continuous Evaluation Could Save Billions, RAND Says

September 30, 2019

The U.S. government could save up to $30 billion in just over two decades if it were to adopt continuous evaluation of personnel with security clearances instead of sticking with the current methods of periodic reinvestigation and readjudication.

That’s according to a recent RAND Corporation research report titled Assessing Continuous Evaluation Approaches for Insider Threats.

RAND studied several federal agencies’ continuous evaluation programs (also referred to as continuous vetting) and concluded that current investigation and adjudication processes are overly time-consuming.

The inefficiencies, RAND says, have contributed to current backlogs — including 156,000 unprocessed periodic reinvestigations as of 2018.

Replacing current processes with continuous evaluations could generate cost savings in as little as six years and up to $30 billion over the next 25 years, the report says.

To get there, RAND recommends a number of related changes, including establishing “a common definition of ‘insider threat’ to facilitate intragovernmental efforts,” as well as a common definition of continuous evaluation.

It also recognizes that the volume and variety of data sources have increased exponentially since continuous evaluation first came into use decades ago, and recommends that the “federal government, private sector, and academic community should work together to develop an effective way to share the unique data and behavioral traits gained from actual insider cases.”

The report’s authors made yet another insightful finding and related recommendation — one that Haystax has advocated for years. They found that the notable dissimilarities between the Manning, Snowden and Hasan cases prompted agencies to start categorizing insider threats “by intent as opposed to considering them exclusively on a binary scale as threats or not threats.”

Based on that critical observation, RAND’s recommendation is as follows: “Because insider threats exist across a broad spectrum, it would be useful to categorize insider threats in attempting to reduce and mitigate them. Intent is often an explicit threat indicator among insider categories; by contrast, negligence is not. While negligence does not necessarily imply intent, negligence, as committed by insiders who fall under the well-intentioned category of insider (i.e., someone who commits violations through ignorance), for example, should also be considered a threat because it introduces serious liability and consequences.”

#  #  #

Note: The RAND report can be downloaded here. Full disclosure: Haystax is mentioned in the report due to its participation in a pilot program run by the DoD Insider Threat Management Analysis Center (DITMAC), which is testing new ways of determining pre-incident risk. RAND notes that the pilot uses Haystax’s probabilistic modeling approach “to create a daily risk report for top-level managers… with a reported detection accuracy rate of 95 percent.”

Related posts