In today’s digital age, cybersecurity has become a critical aspect of business operations. Cyber threats are becoming more sophisticated and frequent, making it essential for businesses to adopt robust cybersecurity practices. If your business operates in multiple locations or has …
How to Manage Compliance for Decentralized Businesses Read More »
As your organization works toward achieving CMMC compliance, creating your System Security Plan (SSP) and Plan of Action and Milestones (POA&M), are critical steps in the process. The documents both provide a foundation for your remediation efforts as you work …
As your organization works to determine the meaning and application of the various levels of the newly enacted Cybersecurity Maturity Model Certification (CMMC), questions arise. One particular issue surrounds the issue of SIEM as it pertains to the first level …
What Level of CMMC Requires Security Information and Event Management (SIEM)? Read More »
Yesterday, Richard Wakeman, Senior Director – Aerospace and Defense at Microsoft, provided a terrific update to his 2019 blog post, Understanding Compliance Between Microsoft 365 Commercial, GCC, GCC-High and DOD Offerings, providing a lot of additional detail, and answering many …
Three Observations from Microsoft’s 2021 Compliance Update and the Impact on the DIB Read More »
Current Compliance Landscape Deputy Defense Secretary Patrick Shanahan spoke at the Armed Forces Communications and Electronics Association (AFCEA) on Feb 6, 2018, and said, “The culture we need to get to [around IT security] is that we’re going to defend ourselves …
What is the CMMC Shared Security Model and Why is it Needed? Read More »
In today’s security landscape, threats to your IT infrastructure are constantly evolving. As you work to secure your IT systems and processes, penetration testing (pen testing) is an important component of your plan. Pen testing can help your organization gain …
What Penetration Testing Is – and Why Your Organization Should Be Using It Read More »
You may have heard of phishing, which is the practice of sending fraudulent texts or emails that appear to come from a legitimate source, with the intention of encouraging the recipient to provide personal information.
Businesses have been struggling to protect their networks from phishing, and with attacks up 65% in the past year, it seems the fight is far from over. To make matters worse, a more sophisticated and destructive offshoot of phishing has recently emerged — spear phishing.
Adopt the RMF to cope with growing risk and comply with strict legislation— think defense (DFARS), healthcare (HIPAA), and retail/payment (PCI).
