Who’s Been Playing Solitaire on the Domain Controller?
Cybercriminals are constantly looking for ways into your system.
Who’s Been Playing Solitaire on the Domain Controller? Read More »
That Doesn’t Apply To Us; We Do That In The Cloud
Companies are becoming increasingly enamored with the advantages offered by cloud computing. However, many mistakenly assume that once you upload your data, it’s up to the cloud service provider (CSP) to keep it all safe and sound.
That Doesn’t Apply To Us; We Do That In The Cloud Read More »
Measure Once, Comply Many® — Cybersecurity Compliance As a Natural Outcome of Operational Security
In today’s digital world, no matter what type of sensitive data you handle, attackers are hard at work developing ways to access it. The rash of high-profile security breaches making headlines every day is clear evidence of the struggle businesses
NIST Compliance — It’s Never Too Late!
On December 31, 2017, the deadline passed for defense suppliers to comply with NIST 800-171, a requirement specified in Defense Federal Acquisition Regulation Supplement 252.204-7012 “Safeguarding Covered Defense Information and Cyber Incident Reporting.” This mandate attempted to ensure a higher
NIST Compliance — It’s Never Too Late! Read More »
The Procrastinator’s Blueprint for NIST 800-171 Compliance
On December 31, 2017, the deadline for compliance with the NIST 800-171, a mandate for contractors serving local and federal governments, came and went. This Special Publication provided guidance on the processes and procedures needed to adequately safeguard controlled unclassified
The Procrastinator’s Blueprint for NIST 800-171 Compliance Read More »
CyberSheath Managed Services for Small & Mid-Size Business
Cybersecurity at small and mid-sized businesses are often under-resourced with an “Army of One” approach to compliance and risk management. Compliance with regulatory requirements like DFARs 252.204-7012, HIPAA, PCI DSS, NERC CIP, Sarbanes Oxley (SOX) and more compete with actual
CyberSheath Managed Services for Small & Mid-Size Business Read More »
Understanding DFARS 252.204-7012 and NIST SP 800-171
Thanks to the increasingly sophisticated and aggressive cybersecurity threats facing the U.S., there has been much focus recently on reinforcing the nation’s cybersecurity. Much of this effort has revolved around strengthening the Department of Defense (DOD) supply chain. The Defense
Understanding DFARS 252.204-7012 and NIST SP 800-171 Read More »
Why SSPs and POA&Ms Aren’t Enough for Compliance
As cyber-attacks become more frequent and sophisticated, addressing tighter security needs has become a priority for the federal government. Enforcement of “Controlled Unclassified Information” (CUI) protection continues to intensify as private contractors and organizations are now required to upgrade their
Why SSPs and POA&Ms Aren’t Enough for Compliance Read More »
Beyond Compliance: DFARs 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting: A Matter of National Security
The DOD Guidance provides additional information on how they might penalize business partners who fail to adhere to new security rules, including penalties and not being awarded new contracts. Aside from the obvious competitive business reasons to immediately implement the NIST 800-171 security requirements this latest theft of project Sea Dragon data is reminder of the implications to national security. Most of NIST 800-171 is just good cybersecurity hygiene that at a minimum will make contractors harder targets for hostile nation states.