For over 25 years, Haystax has been the provider of world-class commercial software products for direct use by individuals in the agencies charged with protecting our communities, cities, and country. Thus, our product is one of the most widely deployed risk management software solutions, used by school, law enforcement, fire, emergency management, and other government agencies across the United States.

Image module

Haystax for School Safety

Haystax meets the constantly evolving challenges of providing safe learning environments for students, faculty, staff, and local security partners by integrating all vital incident and school facility information into a single, online platform.  Physical assessments and behavioral assessments along with the ability to report and monitor incidents on or near campus are hallmarks of Haystax for School Safety.  Know your threats sooner, respond faster, and effectively coordinate actions for all stakeholders.

Image module

Haystax for Public Safety

Law enforcement professionals are called upon daily to perform a broad range of tasks—from routine patrols, intelligence gathering and investigations to major crime and incident responses. Their challenge is to ensure public safety despite incomplete intelligence, limited cross-jurisdictional information sharing, and tight budgets. Haystax helps law enforcement agencies prepare for and respond to any crisis with a dynamic picture of emerging threats, rapid  intelligence-collection and incident-reporting tools, and a seamlessly integrated user environment that  ensures maximum collaboration and analytically sound command decisions for rapid response.

Image module

Haystax for Enterprise Security

Haystax has developed a suite of applications designed specifically to help corporate security decision-makers and analysts navigate this challenging environment. Haystax alerts corporate leaders to their most likely threats and natural hazards, provides critical security and operational information about each physical facility, regardless of its size or geographic location, and allows risk managers to identify and mitigate their biggest vulnerabilities. Moreover, the Haystax platform enables security teams to manage incidents and major events—from the ops center or out in the field.

Equipped with these insights, CSOs can better anticipate their risks, communicate with leadership and limit their company’s exposure to financial, legal and reputational liabilities.

PrevWhy Homeland Security Doctrine Needs a Hard Reboot13 July 2016NextCompanies need to go beyond minimum insider threat standards, Haystax Technology CEO Tells InsideDefense18 July 2016

NISPOM 2 Adds Insider Threat Rule, But Does It Go Far Enough?

July 14, 2016

After years of deliberation, the Department of Defense has published Change 2 to its National Industrial Security Operating Manual (NISPOM). With this release, DoD requires the cleared community to formally stand up insider threat detection programs by November 30. Requiring an insider threat program for the community is a welcome and needed change given the extent to which such threats have proliferated in recent years across the commercial and government sectors. Acknowledging the need to drive increased insider threat detection, NISPOM 2 sets minimum standards for compliance, including the appointment of an Insider Threat Program Senior Official (ITPSO) who will oversee corporate initiatives to gather and report relevant information (as specified by the NISPOM’s 13 personnel security adjudicative guidelines) and share this information across the organization. While NISPOM 2 does put a spotlight on the insider threat issue within organizations and forces every member of the cleared industrial base to determine an appropriate solution – clearly developments to be applauded – the requirement allows contractors to get a passing grade with only minimal effort. A truly proactive insider threat solution to protect against an internal adversary goes much further and requires the use of a broad and diverse data set, including:

  • Internal organizational data (HR, security, badge data, etc.)
  • Public records (arrest, divorce, bankruptcy, etc.)
  • Network/user activity monitoring data
  • Social media activity

By fusing these assorted streams of information together into a consolidated program and performing advanced analytics on top of the data, an organization can more than meet basic NISPOM 2 requirements in a cost-efficient manner and ensure that future Defense Security Service (DSS) security assessments are met with praise from the DSS representative. While NISPOM 2 may tempt a newly appointed ITPSO to implement a simple check-the-box solution, we hope and encourage government customers to reward companies based on the quality of their insider threat programs, especially those that go above and beyond the minimums. After all, this policy applies to companies responsible for national security interests – only our most critical data.

Adam Lurie is Director of Predictive Analytics at Haystax.

Related posts