Collaborate Disseminate
Combining Cyber Standards – Is ‘Unified’ Always A Good Approach? The CMMC enforcement model will require a significant adjustment to the way contractors conduct government business – from procurement to execution. In Part 2… Continue reading How Will the CMMC Impact My Business and How Can We Prepare? Part 3 of 3
Part 1: Laying the Groundwork for Achieving Certification In June of this year, my colleague Tom Taylor wrote about the DoD’s announcement to instate the Cyber Security Maturity Model Certification (CMMC) and elaborated on the fact that, with the… Continue reading How Will the CMMC Impact My Business and How Can We Prepare? Part 1 of 3
Five individuals were indicted for the reprehensible crime of defrauding U.S. military veterans and current service members of their benefits. The five accused of the fraud are identified as Robert Wayne Boling Jr., Fredrick Brown and Trorice Crawford… Continue reading Service Members Targeted in Identity Fraud Scheme
In a recent customer discussion, a CISO shared his concern with me regarding his company’s data. He worried that confidential data that had been shared with their suppliers would be leaked. He was worried that unsecured points in the supply chain… Continue reading Supply Chain Vulnerabilities from Legacy Approaches
My colleagues and I have been warning about the Department of Defense’s (DoD’s) looming enforcement of DFARS clause 252.204-7012 for a while now, as many Tripwire customers handle government CUI. Inevitably, we are asked how long we think i… Continue reading The CMMC – A Palatable Enforcement Solution to DFARS Requirement?
The Department of Homeland Security is trying to replicate a strategy used by the Department of Defense to protect and defend its networks, and the plan could soon be used across the entire federal government. DHS is currently assessing its 16 federated security operations centers (SOCs) to determine which agencies meet the parameters by which they could offer services to other agencies in need of various services, according to DHS Chief Information Security Officer Paul Beckman. “We are trying to figure out how we collectively get our arms around all those SOCs and how we optimize that,” Beckman told a crowd at the 2019 IT Modernization Summit, presented by FedScoop. Beckman said the process is following the DOD’s Cybersecurity Service Provider (CSSP) model. That program assesses which internal security centers hit a number of benchmarks. When one center is qualified to provide a certain level of security, other internal agencies […]
The post How DHS is following the Pentagon’s plan for internal cybersecurity appeared first on CyberScoop.
Continue reading How DHS is following the Pentagon’s plan for internal cybersecurity
Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts. Continue reading Federal Focus on Cyber Plays Out in President’s Budget, IoT Legislation
Despite record spending on cyber security, government agencies are not making significant headway in winning a battle against cybercrime. New white paper explores how threat-actors continues to be successful in bypassing layered defenses, highlights ke… Continue reading EDR + Application Containment: Redefining the Modern Endpoint Security Stack
The news comes shortly after the DoD was called out for having rampant bugs in its weapons systems. Continue reading Pentagon Expands Bug-Bounty Program to Include Physical Systems
This is your Shared Security Weekly Blaze for October 15th 2018 with your host, Tom Eston. In this week’s episode: Google+ shutdown, weapons systems vulnerabilities, and new data on voice phishing scams. Silent Pocket is a proud sponsor of the Sh… Continue reading Google+ Shutdown, Weapons Systems Vulnerabilities, Voice Phishing Scams – WB38