NSTi On The Fly

Bringing our courses around the world!
See Where We Will Be Next!

Integrated Security Solutions

We offer our clients complete turnkey security solutions to help build, assess, and improve their security programs. Our teams of subject matter experts provide the guidance necessary to enhance any commercial or classified activity. The ISS team is comprised of security professionals who have served in senior leadership positions in government and in the defense industry. SASSi, along with the National Security Training Institute (NSTi), brings additional resources and talent to help address your security needs.

Corporate Spotlight

Our responsibility, as a corporate citizen, is to reach beyond what we do in the classroom. We are called to demonstrate the values we teach – integrity, compassion, and servant leadership – in our community as well.

The National Security Training Institute is dedicated to the advancement of the security professional through the presentation of courses and seminars in the national security arena.

Sign Up for our Newsletter!

National Security Training Institute News Feed

New Seminar: Insider Threat

This workshop allows us to look at every aspect of insider threats. It provides a lesson on individuals who have caused serious harm to our national security and what we have learned from their actions. Join us to inspect the motivations to commit espionage, the behavioral indicators and measures to minimize the...

2013 Highlights

Each week at SASSi/NSTi we have the privilege of moving the security profession forward in the classroom and client organizations. Facing a difficult economic climate in 2013, we were able to deliver another solid year of successful performance. Highlights include: 59 courses delivered reaching over 1100 security professionals We were successful in expanding delivery of our courses around the country to include Massachusetts, Nevada, California and even South Korea! With an ongoing goal of diversifying our portfolio, we delivered customized security training and consulting services to four corporations and one government agency With over 50 consultants on our team, we have expanded the team with expertise in insider threat, risk management, security metrics, information assurance as well as our basic security disciplines SASSi/NSTi continues to be a great place to work, where employees are inspired to deliver excellence. Our employees make SASSi/NSTi a highly effective, lean and responsive organization known for its flexibility and adaptability. We continue to be a relevant contributor and asset to the security professional community as well, holding leadership positions with ASIS Defense and Intelligence Council and NDIA’s Industrial Security Committee. One of our greatest accomplishments has been the Security Intern Program. Celebrating the one year anniversary this summer, we have now graduated a dozen interns! Several have moved into careers in the industry. We take pride in being able to train up the next generation – in the classroom and in our daily operations. Finally, in a continuing effort to impact our community as well as the profession, we supported a school supply drive, volunteered at the Capital Area Food Bank, and supported various...

Deedee Collins Assumes NDIA/ISC Vice Chair Role

Deedee Collins, Executive Director of Special Aerospace Security Services, Inc. (SASSi) and the National Security Training Institute (NSTi), was selected as the Vice Chair, National Defense Industries Association Industrial Security Committee (NDIA/ISC) in August.Deedee Collins has over thirty years of experience in a wide array of fields to include organizational consulting and facilitation, human resources, and industrial security management. She is nationally recognized for the design and delivery of motivational security awareness programs and has worked with a variety of clients throughout the US Government and industry. She is a past President of the National Classification Management Society (NCMS). Deedee is the recipient of the 2012 Donald B. Woodbridge Award of Excellence and the 2006 Presidential Award for sustained superb leadership within the industrial security community. She also sits on the Defense and Intelligence Council of the American Society of Industrial Security (ASIS/D&IC) and is a member of the Industrial Security Working Group (ISWG). Upon notification of being selected, Deedee gladly accepted the opportunity and “looks forward to working with this esteemed group of security leaders.” The Industrial Security Committee (ISC) is a committee within the Procurement Division (PD) of NDIA representing member companies in all matters regarding industrial security. It is responsible for monitoring all security matters relating to the Defense Industrial Security Program (DISP), special access programs, and other activities which affect national security programs and corporate assets. As the Vice Chair, Deedee Collins will be responsible to partner with the Chairman to provide leadership and structure for the ISC, schedule and conduct the committee meetings, prepare annual reports, and provide primary liaison with other industrial security...

Upcoming Class

ICD 503 Risk Management Framework Course (RMF38)

Price: $1950.00

Starts: October 19, 2015 8:00 am

Ends: October 22, 2015 5:00 pm

NSTI Headquarter
Chantilly, Virginia
Map and Directions

Available Spaces: 24

Latest From Our Blog: Your Security Home

Risk Management Framework: What You Need to Know

Just recently, the Defense Department has announced it’s plan to transition from the DoD Information Assurance Certification and Accreditation Process, or DIACAP, to the NIST’s Risk Management Framework (RMF).  This means, for the first time, defense, intelligence and civilian federal agencies will all use the same set of risk management standards.  On March 12, DoD Chief Information Officer Teresa Rakai issued an instruction guide for the department to assist with the transition.  Is your organization making the transition?  Here’s some basic information you need to know about RMF: Risk management is the ongoing process of identifying, assessing, and responding to risk. To manage risk, organizations should understand the likelihood that an event will occur and the resulting impact.  With this information, organizations can determine the acceptable level of risk for delivery of services and can express this as their risk tolerance.  With an understanding of risk tolerance, organizations can prioritize cybersecurity activities, enabling organizations to make informed decisions about cybersecurity expenditures. The following activities are related to managing organizational risk are paramount to an effective information security program: Step 1: Categorize the information system and the information processed, stored, and transmitted by that system based on an impact analysis Step 2: Select an initial set of baseline security controls for the information system based on the security categorization Step 3: Implement the security controls and document how the controls are deployed within the information system and environment of operation Step 4: Assess the security controls using appropriate procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome Step 5: Authorize information system operation based upon...

Humans: The Weakest Link in Security

The majority of information security centers on technical attacks and corresponding technical defenses.  However, human interaction can circumvent just about every technical countermeasure that brilliant engineers devise to protect vital systems and valuable information, either accidental or intentional.  In fact, Microsoft’s latest Security Intelligence Report shows that cybercriminals are ditching the old strategy of exploiting software vulnerabilities, choosing instead to rely on deceit and deception. According to Microsoft, one of the most common deceptive tactics involve luring victims with downloads by bundling malware with legitimate downloadable content such as software and videos.  While deceptive downloads are one of the most prevalent tactics used worldwide, ransomware has also become another popular deceptive practice, where the malware pretends to be an official warning from a well-known law enforcement agency.  It then proceeds to accuse victims of committing a cybercrime, demanding a fine in exchange for regaining control of their computer. Worst of all, there are ways to access your information even without your clicks.  Social engineering is a huge threat to national security these days, magnified by the Internet age – where an infinite volume of information is as close as the nearest browser.  For example, automated password reset mechanisms are the norm on any account page; they are quick, economical and convenient for both the user and the issuer.  But, social networking sites have made it easy for bad guys to guess the answers to common “personal security questions” such as your high school mascot, your mother’s maiden name, pet’s name, etc. In light of the new threats, it’s so important to adequately protect yourself by keeping software up to...

Is Continuous Monitoring the Way of the Future?

Think back to five years ago. The year was 2009. Barack Obama was sworn in as the 44th president of the United States. H1N1, or swine flu, was the major headline for weeks. All analog television broadcasting ended. Bernie Madoff was sentenced and convicted as the mastermind behind the largest Ponzi scheme ever. Now think back to 10 years ago; 2004. Facebook had just been created. Google was only a search engine. Nokia and Motorola were the most popular brands of cell phones. The average gas price was $1.85 per gallon. Where were you when all this was happening? Did you live in the same house? Did you have the same group of friends? Was your financial situation where it is now? With a secret clearance, this could have been the last time you were reinvestigated, and clearly things can change significantly in 5-10 years. With that in mind, the federal government is looking into continuously monitoring employees and contractors with security clearances in hopes of preventing sensitive information from being leaked to the public, or even worse, our enemies1. About mid-March, the White House of Management and Budget issued a report “Suitability and Security Process Review” that is recommending the government speed up the initiative of continuously evaluating individuals with security clearances1. Just look at Edward Snowden, Bradley Manning and Aaron Alexis; they all had a security clearance. If the federal government was using a continuous approach to background investigations these incidents may have been prevented. The Suitability and Security Process review found that the existing re-investigation practices fail to re-evaluate cleared individuals accurately or mitigate risk appropriately1....