The news of the Colonial Pipeline hack has raised general awareness of how vulnerable some of our key infrastructures are against modern cyberattacks. Deterrence against ransomware isn’t a pipe[...]
User access is one of the most basic, and yet most necessary, security controls available. With the complex ways in which we combine on-prem and cloud services for customers, it’s obvious how[...]
On May 12, 2021, President Joe Biden signed Executive Order 14028, entitled “Improving the Nation’s Cybersecurity”. This EO, released in the wake of the Colonial Pipeline hack, is intended to address[...]
What is the Difference Between a Managed Service Provider (MSP) and a Managed Security Services Provider (MSSP)?
More commercial businesses and government agencies are turning to third-party[...]
In This Article
- Capability and budgets are not able to increase at the same rate as the complexity of the Risk Management Framework (RMF) and Continuous Monitoring.
- In 2019, Defense[...]
In this Article
- NIST Special Publication 800-172 (formerly known as 171B) “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: Enhanced Security Requirements for[...]
In this Article
- Learn about the most common findings we find identity in CMMC Gap Analyses.
- Learn how your organization can avoid these gaps on your path to CMMC.
#1. You Don’t Have Enough[...]
In this Article:
- Learn about action items leading up to CMMC preparation.
- Learn what to do when your organization is ready to begin CMMC preparation.
- Learn what goes into a CMMC Gap Analysis, and[...]
The Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) is the entity responsible for launching and overseeing the Cybersecurity Model Certification (CMMC) program for the[...]
Introduction
Event monitoring is a challenging and intimidating task. A properly configured audit policy results in an extreme number of captured events, contributing to the difficult nature of[...]
