Skip to main content

3 Myths About CMMC

Myth #1: You can prepare for a CMMC Audit by comparing cybersecurity posture to NIST SP 800-171 controls.  Myth #2: DoD Contractors need to be certified by an Accredited Assessor to bid on an RFP.   Myth #3: Organizations using the CMMC logo on their website to suggest they are already aligned with the CMMC Accreditation Body (CMMC-AB) for pre-assessment purposes. 

Continue reading

Cyberattacks causing many small companies to go out of business!

During the present-day digital transformation, cybercrime is becoming the number one form of criminal activity. “43% of online attacks are aimed at small businesses” and many aren’t prepared to defend themselves during these attacks! It is recommended that small business owners look into privacy programs to help support and protect vital information.

Continue reading

What is Cybersecurity?

The world relies on technology more than ever before. As a result, digital data creation has surged. Today, businesses and governments store a great deal of that data on computers and transmit it across networks to other computers. Devices and their underlying systems have vulnerabilities that, when exploited, undermine the health and objectives of an organization. 

Continue reading

Information Management and Security Incorporation

CUI serves as a label to simplify the ways that information is safeguarded and shared both within and amongst Executive Agencies and their customers. CUI provides universality by allowing for a standardized system of protection used by all Executive Agencies that will minimize any potential gaps in practice that may vary from agency to agency. In today’s world, agencies managing CUI must also manage risk from telework due to COVID.

Continue reading

Parallels between Zero Trust and the Fight Against Corona Virus

It is not uncommon for cyber professionals to have a difficult time conveying to people unfamiliar with cybersecurity the ways in which to consider protection of their data. There are many similarities between cyber approaches to addressing cyber vulnerabilities and attacks that are similar to those that our nation is using to combat the corona pandemic. One such similarity between cybersecurity and public health is the approach being taken to develop multiple vaccines in parallel knowing that few will be successful.

Continue reading

Identity

NIST Special Publication 800-63B Digital Identity Guidelines

NIST Special Publication 800-63B Digital Identity Guidelines, Authentication and Lifecycle Management includes choices of authenticators that may be used at various Authenticator Assurance Levels (AALs) for use by the US Federal Government.  Authenticators are used to authenticate a user to a resource’s access control mechanism.  Examples of authenticators include credit cards with chips, US Federal Government Personal Identity Verification (PIV) cards and DoD Common Access Cards (CACs). 

Continue reading

Spectre and Meltdown

Spectre and Meltdown are attacks on computing systems that exploit characteristics inherent to most modern computer processors. Specifically, Meltdown is recognized to affect Intel and ARM processors, while Spectre is known to affect Intel, AMD and ARM processors.

Continue reading

Computer Motherboard

The Return of ROCA

The Return of Coppersmith’s Attack (ROCA) is a recently discovered vulnerability in a cryptographic library used in some Infineon Technologies AG chips. It enables an attacker to practicably determine an RSA private key given an RSA public key. Quantum computers, while still in their infancy, will one day be capable of finding private keys like those used in RSA and other asymmetric cryptographic algorithms.

Continue reading

Computer Information

Why is ICAM So Important?

Today, information is being produced by and shared with billions of people and machines and around the world. Much of this environment is filled with information that owners are willing to share with others. But much proprietary and private information is not being so freely shared – and for good reason.

Continue reading

Secret Link