SAN JOSE, Calif. — May 20, 2020 — SPYRUS Solutions, Inc (“SPYRUS”) congratulates its partner Texas A&M University System (“TAMUS”) on receiving the Defense Counterintelligence & Security Agency Award for Excellence in Counterintelligence. This award is given for work to protect sensitive information from foreign spies. TAMUS, a top 50 research university, is enhancing its Secure Enclave capability by implementing the SPYRUS easy to use, single-sign on Authentication, Access Control and Endpoint Encryption Solution that protects data at rest (servers and user devices) and data in motion (between the Secure Enclave and user devices).

“We salute TAMUS on receiving this prestigious recognition,” explained Grant Evans, chief executive officer and chairman, SPYRUS. “Dr. Kevin Gamache and his team are demonstrating how to protect the valuable research of its faculty, staff and students. We hope other universities will look to TAMUS as a model and will follow their lead in continuously enhancing their security architecture.”

University laboratories have been under threat from hostile nations attempting to steal valuable intellectual property vital to national security for many years. In response to this growing threat, the U.S. government has implemented DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. DFARS Clause 252.204-7012 requires universities to meet various security controls, including those defined in NIST SP 800-171, to ensure all stages of data in internal university systems are protected. This is currently being matured under OUSD(A&S) as a third-party audited requirement under the DoD Cybersecurity Maturity Model Certification program.

“As funded research supports our national interests, the CMMC-Accreditation Body has been established to conduct CMMC certification audits of universities and other Defense Industrial Base sector organizations that will quantify adherence to audit university adherence to DFAR regulations,” explained Evans. “It’s not enough to create a security plan or roll-out a solution, universities must take a broad view of what needs protecting and how. That means considering technology, people and processes required for a wholistic security approach.”

In addition to hardware and software security, universities must meet the following practices, which may also be audited in order to qualify for U.S. Government funding.

• Security Requirement 3.12.4 (System Security Plan, added by NIST SP 800-171, Revision 1), requires the contractor to develop, document, and periodically update, system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems.
• Security Requirement 3.12.2 (Plans of Action), requires the contractor to develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in their systems.

SPYRUS experts are available to help universities understand the regulations and implement solutions to protect government-granted research.

Learn more about SPYRUS at www.spyrus.com.


About SPYRUS Solutions, Inc.

SPYRUS develops and deploys cryptographic operating systems in innovative ways, providing the strongest protection for data in motion, data at rest and data in process.  For more than 20 years, SPYRUS has delivered encryption, authentication, and digital content security products to government, financial, and healthcare enterprises.  SPYRUS solutions enable customers to meet stringent regulatory requirements for data protections across industries. Connect with SPYRUS on LinkedIn and Twitter.