Blog Archives

Acquisition of Tusk, LLC
PKH Enterprises, LLC is pleased to announce the acquisition of Tusk, LLC which broadens our capabilities in Process Consulting, IT Service Delivery, and Digital Modernization. We are excited to welcome Peter Steele to the PKH team as part of this acquisition and look forward to the growth that this will afford PKH Enterprises.

Building an insider threat program start with understanding risks
There is no one-size-fits-all approach to developing an insider threat program. Every insider threat program must take into consideration the unique threats that are particular to that organization. For example, a government agency might be most concerned with the unauthorized disclosure of sensitive or classified information while a financial institution might be more concerned with theft or fraud.

ICAM and Zero Trust
Zero Trust remains one of the key buzzwords in cybersecurity, and virtually every article, briefing, or marketing slick about zero trust talks about the importance of implementing multi-factor authentication (MFA). Single factor passwords have been asserted to be “broken” for years, with documented proof that attackers are able to successfully hack passwords regardless of complexity, length, and change frequency.

DHS launching a CDO office and CMMC-like risk management program!
Acting CDO Carlene Lleto is working on eight priority domains that include immigration, law enforcement and cybersecurity. The need for CDO offices was revealed during the COVID-19 pandemic. DHS launched a department wide COVID 19 vaccination campaign in partnership with Department of Veterans Affairs health center. The problem arose when DHS needed to get in contact with workers and it required “extensive time and effort to collecting and reconciling many different datasets from across the department.”

3 Myths About CMMC
Myth #1: You can prepare for a CMMC Audit by comparing cybersecurity posture to NIST SP 800-171 controls.
Myth #2: DoD Contractors need to be certified by an Accredited Assessor to bid on an RFP.
Myth #3: Organizations using the CMMC logo on their website to suggest they are already aligned with the CMMC Accreditation Body (CMMC-AB) for pre-assessment purposes.

Cyberattacks causing many small companies to go out of business!
During the present-day digital transformation, cybercrime is becoming the number one form of criminal activity. “43% of online attacks are aimed at small businesses” and many aren’t prepared to defend themselves during these attacks! It is recommended that small business owners look into privacy programs to help support and protect vital information.

Holiday Planning from an Insider Threat Specialists Perspective
When I stop to think about it, preparing for the holidays is a lot like preparing to encounter an insider threat; if you fail to plan, you plan to fail. Yes, I know that is an old clichéd saying, but however cheesy it may be it is still true. Being alone, thinking of lost loved ones, the list goes on. Having a plan to get through those hard times that you know are coming up is vital.

What is Cybersecurity?
The world relies on technology more than ever before. As a result, digital data creation has surged. Today, businesses and governments store a great deal of that data on computers and transmit it across networks to other computers. Devices and their underlying systems have vulnerabilities that, when exploited, undermine the health and objectives of an organization.

Information Management and Security Incorporation
CUI serves as a label to simplify the ways that information is safeguarded and shared both within and amongst Executive Agencies and their customers. CUI provides universality by allowing for a standardized system of protection used by all Executive Agencies that will minimize any potential gaps in practice that may vary from agency to agency. In today’s world, agencies managing CUI must also manage risk from telework due to COVID.

Trust and Federation
Federation has worked well on social media – users link their accounts together and use a single username and password to access. Federation has also worked for government employees – their Personal Identity Verification (PIV) cards are accepted for many cross-agency uses. But even after significant investment of federation to support citizen interactions with the government, federated citizen credentials are still out of reach.

Developments In 5G
With 5G comes a host of new innovation: Greater precision and improved reaction times in drones and autonomous vehicles, new wearable tech with additional features, advances and greater adoption of Internet of Things (IoT) devices and smart city developments, and remote healthcare. 5G also ushers in a new age of smart warfighter.

Parallels between Zero Trust and the Fight Against Corona Virus
It is not uncommon for cyber professionals to have a difficult time conveying to people unfamiliar with cybersecurity the ways in which to consider protection of their data. There are many similarities between cyber approaches to addressing cyber vulnerabilities and attacks that are similar to those that our nation is using to combat the corona pandemic. One such similarity between cybersecurity and public health is the approach being taken to develop multiple vaccines in parallel knowing that few will be successful.