800-171 is the government’s chosen cybersecurity standard for protecting controlled unclassified information (CUI) and is the standard is required by a number of government departments and by private industry as a matter of contract for protecting sensitive unclassified information. Learn more about this new version of the standard here.
The Internet of Things refers to a class of smart devices that are typically used to automate things. This can be anything from a smart TV or smart door lock to an automated oil refinery and everything in between. Unfortunately, the security of many of these devices is to be really kind, lacking. The hackers…
In this case, it wasn’t the well known “candy drop” attack but rather an accidental USB attack. Still infected an entire hospital. This one is attributed to China. Learn more below.
CISA, the Cybersecurity and Infrastructure Security Agency released a directive, which is binding on federal civilian executive branch agencies, that addresses the security of network and operational technology (OT, IoT) devices which can be managed from the public Internet. Learn what CISA and we are recommending below.
Over the last couple of years we have talked a lot about what is required for CMMC Level 2 certification, but a lot more companies will need to be CMMC Level 1 certified. What is required for this?
Everyone is using AI and tools like ChatGPT have become super popular virtually overnight. But have you considered the risks associated with using these tools, have you created policies for your employees, do you understand how your vendors may be adding risk to your business and are you managing that risk? Learn more here.
The shared responsibility model is the way that cloud service providers reduce their risk if something bad happens. For the most part, unless you have an unusual contract with your cloud service provider, if something bad happens, it is your problem. If you have not planned for this, you could be in deep yogurt. Learn…
Many companies allow, encourage and/or require employees to use personally owned devices. While it seems that, at least in the short term, this is a money saving and morale boosting move, in the long term, it may be an existential threat to the company. In this post we are going to use one company who…
Most defense contractors have been complaining about the lack of specificity of how to protect controlled technical information or CTI. DoD has just released instructions clarifying the rules around protecting CTI. Learn more here.
The FBI says that 19,000 people reported losing over $700 million to romance scams last year. Learn more about these scams by watching or listening. Links mentioned in the video are: FBI National Cybersecurity Alliance Pig Butchering Scams
