For over 25 years, Haystax has been the provider of world-class commercial software products for direct use by individuals in the agencies charged with protecting our communities, cities, and country. Thus, our product is one of the most widely deployed risk management software solutions, used by school, law enforcement, fire, emergency management, and other government agencies across the United States.

Image module

Haystax for School Safety

Haystax meets the constantly evolving challenges of providing safe learning environments for students, faculty, staff, and local security partners by integrating all vital incident and school facility information into a single, online platform.  Physical assessments and behavioral assessments along with the ability to report and monitor incidents on or near campus are hallmarks of Haystax for School Safety.  Know your threats sooner, respond faster, and effectively coordinate actions for all stakeholders.

Image module

Haystax for Public Safety

Law enforcement professionals are called upon daily to perform a broad range of tasks—from routine patrols, intelligence gathering and investigations to major crime and incident responses. Their challenge is to ensure public safety despite incomplete intelligence, limited cross-jurisdictional information sharing, and tight budgets. Haystax helps law enforcement agencies prepare for and respond to any crisis with a dynamic picture of emerging threats, rapid  intelligence-collection and incident-reporting tools, and a seamlessly integrated user environment that  ensures maximum collaboration and analytically sound command decisions for rapid response.

Image module

Haystax for Enterprise Security

Haystax has developed a suite of applications designed specifically to help corporate security decision-makers and analysts navigate this challenging environment. Haystax alerts corporate leaders to their most likely threats and natural hazards, provides critical security and operational information about each physical facility, regardless of its size or geographic location, and allows risk managers to identify and mitigate their biggest vulnerabilities. Moreover, the Haystax platform enables security teams to manage incidents and major events—from the ops center or out in the field.

Equipped with these insights, CSOs can better anticipate their risks, communicate with leadership and limit their company’s exposure to financial, legal and reputational liabilities.

Previnsider threatDetecting an Insider Threat in Game of Thrones01 September 2017Nextpublic safetyHaystax Technology Named Top Public Safety Vendor in New Report22 September 2017

Haystax Technology VP Comments on FY18 Insider Threat Program Language

September 13, 2017
insider threat

Separate drafts of the fiscal-year 2018 National Defense Authorization Act (NDAA) are currently making their way through the House and Senate. Haystax Technology’s Vice President of Security Analytics, Tom Read, studied both versions and shared his observations about the lack of emphasis on insider threat mitigation – in the House bill, at least – in a recent commentary published simultaneously in Defense News and Fifth Domain Cyber.

Read notes that the House authorization language discusses insider threat mainly in the context of  ‘green-on-blue’ attacks by overseas military partners as well as espionage and technology exploitation operations by nation-state actors, rather than on “threats from insiders who have knowledge and access to proprietary systems that allow them to bypass security measures through legitimate means.”

The Senate version, by contrast, directly addresses these latter insider threats, directing the US Department of Defense to “orchestrate the creation of an integrated, automated, enterprise-wide insider threat detection and analysis capability.” As Read notes, “this language goes to the heart of a serious challenge at DoD — namely, the inability of the department to access and integrate data to effectively and efficiently prevent malicious and accidental insider incidents.”

There are several areas of critical importance that Haystax Technology continues to advocate for, namely the quality of data inputs, the ability to monitor non-network behavior and the need for more risk-based approaches. Read goes into detail as to why these areas are important, and recommends a holistic risk-based approach to insider-threat detection and deterrence. This is the reason Haystax Technology first builds a model of ‘whole-person’ behavior, before even a single piece of data is collected. And it’s why our Haystax Analytics Platform™ approaches user behavior analytics (UBA) holistically, like an ever-expandable team of expert analysts who are continuously on the lookout for signs of malicious, negligent and inadvertent behaviors by trusted insiders.

Eventually, changes will be made to the NDAA in conference and a final version will be voted on – and likely passed. While it remains to be seen what the final FY18 NDAA will look like when it lands on the President’s desk, Read stresses that we cannot ignore its current lack of real emphasis on insider threat program improvements, despite its growing risks. In fact, 40 percent of respondents to a recent study by the SANS Institute and Haystax reported malicious insider threats as being the most damaging current threat vector, and certainly no organization — whether in finance, healthcare, law or any other profession — is immune from the growing threat from adverse insider events. As such, Read concludes, the NDAA ought to address this important issue with specific language.

 

Related posts