Kaitlin E. Illidge
Overview
Katie Illidge is a trusted authority in cleared contracting compliance, specializing in guiding companies through facility clearance approvals and National Industrial Security Program (NISP) compliance. As an Industrial Security Analyst as well as the Facility Security Officer at Crowell & Moring, she helps contractors navigate complex security regulations, such as DCSA audits, Insider Threat Program development, and implementing Foreign, Ownership, Control, and Influence (FOCI) mitigation agreements. With deep expertise in NISPOM, DFARS, and cybersecurity requirements such as NIST 800-171 and CMMC, she ensures businesses meet federal security standards with confidence. Whether securing a new facility clearance or strengthening over compliance, Katie delivers strategic security solutions that keep contractors mission ready.
Career & Education
- Department of Defense
Personnel Security Specialist, Defense Counterintelligence Security Agency, 2013–2014
- Department of Defense
- Facility Security Officer/Insider Threat Program Director, Crowell & Moring, 2019–Present
- Industrial Security Consultant, Beast Code, 2015–2016
- Corporate Security Officer, ROI Defense Associates, 2014–2019
- PEO Security Specialist, DXC Technology (Formerly CSC), 2009–2013
- Wake Forest University, B.A.
- Member, Crowell & Moring Security Committee
- National Classification Management Society (NCMS)
- Security Industry Association (SIA), Certified Security Program Manager (CSPM) Certified, 2024
- Capital Industrial Security Awareness Council (CISAC)
Kaitlin's Insights
Client Alert | 3 min read | 05.16.25
New SF-328 Released and Embedded Guidance Seeks More Information Up Front
On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released a new SF-328[1] consisting of 9 questions and 6 pages of instructions that detail the types of supporting documentation requested and identify information required by different responding entities (e.g., corporate, non-profit, academic, etc.). With this SF-328, DCSA is seeking certain frequently requested information and documents with initial SF-328 submissions rather than obtaining these documents through communications or revised SF-328 submissions. Additionally, when completed, the new SF-328 is considered Controlled Unclassified Information (CUI).
Client Alert | 2 min read | 05.09.25
New SF-328 for Foreign Ownership, Control, and Influence Assessments Approved, Publication Imminent
Client Alert | 6 min read | 10.31.23
New Guidance on Joint Venture Classified Information Access Determinations
Client Alert | 1 min read | 04.02.20
Representative Matters
- Advised a major cloud service through the creation of their cleared subsidiary and FOCI mitigation strategy, to allow their expansion into the federal classified contracts market.
- Represented and advised a leading supplier of custom radio frequency components in an appeal to an FCL suspension decision. Through strategic policy development and timely mitigating response, successfully obtained FCL reinstatement from DCSA within 30 days.
- Advised a top global management consulting firm in the development of their organization-wide Insider Threat program.
Kaitlin's Insights
Client Alert | 3 min read | 05.16.25
New SF-328 Released and Embedded Guidance Seeks More Information Up Front
On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released a new SF-328[1] consisting of 9 questions and 6 pages of instructions that detail the types of supporting documentation requested and identify information required by different responding entities (e.g., corporate, non-profit, academic, etc.). With this SF-328, DCSA is seeking certain frequently requested information and documents with initial SF-328 submissions rather than obtaining these documents through communications or revised SF-328 submissions. Additionally, when completed, the new SF-328 is considered Controlled Unclassified Information (CUI).
Client Alert | 2 min read | 05.09.25
New SF-328 for Foreign Ownership, Control, and Influence Assessments Approved, Publication Imminent
Client Alert | 6 min read | 10.31.23
New Guidance on Joint Venture Classified Information Access Determinations
Client Alert | 1 min read | 04.02.20
Insights
Kaitlin's Insights
Client Alert | 3 min read | 05.16.25
New SF-328 Released and Embedded Guidance Seeks More Information Up Front
On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released a new SF-328[1] consisting of 9 questions and 6 pages of instructions that detail the types of supporting documentation requested and identify information required by different responding entities (e.g., corporate, non-profit, academic, etc.). With this SF-328, DCSA is seeking certain frequently requested information and documents with initial SF-328 submissions rather than obtaining these documents through communications or revised SF-328 submissions. Additionally, when completed, the new SF-328 is considered Controlled Unclassified Information (CUI).
Client Alert | 2 min read | 05.09.25
New SF-328 for Foreign Ownership, Control, and Influence Assessments Approved, Publication Imminent
Client Alert | 6 min read | 10.31.23
New Guidance on Joint Venture Classified Information Access Determinations
Client Alert | 1 min read | 04.02.20
