Casey Lang

Casey Lang runs Compliance at CyberSheath and has over 10 years of experience in cybersecurity, business resilience and information technology, holding various positions in the defense, health care and retail industries.

He has expertise in security program development and assessment and has extensive experience in strategically planning security and business continuity programs based on internationally recognized standards of practice from NIST, ISO, FISMA and the PCI SSC.

Casey has a B.S. in Computer Engineering Technology and an M.S. in Information Assurance from Northeastern University and several professional certifications that include Certified Information Systems Security Professional (CISSP), Project Management Professional (PMP), Payment Card Industry Professional (PCIP), Certified Business Continuity Professional (CBCP) and SANS GIAC Certified Incident Handler (GCIH).

A dark purple screen full of code with a large locked blue lock

What is the CMMC Shared Security Model and Why is it Needed?

August 11, 2020 / 8 minutes of reading / By Casey Lang

Current Compliance Landscape Deputy Defense Secretary Patrick Shanahan spoke at the Armed Forces Communications and Electronics Association (AFCEA) on Feb 6, 2018, and said, “The culture we need to get to [around IT security] is that we’re going to defend ourselves […]

What is the CMMC Shared Security Model and Why is it Needed? Read More »

A hooded man sitting with a laptop with code graphics overlaying the image

What Penetration Testing Is – and Why Your Organization Should Be Using It

March 4, 2020 / 4 minutes of reading / By Casey Lang

In today’s security landscape, threats to your IT infrastructure are constantly evolving. As you work to secure your IT systems and processes, penetration testing (pen testing) is an important component of your plan. Pen testing can help your organization gain

What Penetration Testing Is – and Why Your Organization Should Be Using It Read More »

An open envelope with three fish hooks falling out on top of another envelope with the '@' symbol

4 Steps to Protect Your Business from Spear Phishing

June 11, 2019 / 5 minutes of reading / By Casey Lang

You may have heard of phishing, which is the practice of sending fraudulent texts or emails that appear to come from a legitimate source, with the intention of encouraging the recipient to provide personal information.

Businesses have been struggling to protect their networks from phishing, and with attacks up 65% in the past year, it seems the fight is far from over. To make matters worse, a more sophisticated and destructive offshoot of phishing has recently emerged — spear phishing.

4 Steps to Protect Your Business from Spear Phishing Read More »

A computer screen with a locked blue lock

Understanding the NIST Risk Management Framework (RMF)

May 17, 2019 / 4 minutes of reading / By Casey Lang

Adopt the RMF to cope with growing risk and comply with strict legislation— think defense (DFARS), healthcare (HIPAA), and retail/payment (PCI).

Understanding the NIST Risk Management Framework (RMF) Read More »