AC.1.002 User Access Restrictions (CMMC Level 1)
Limit information system access to the types of transactions and functions that authorized users are permitted to execute. Continue reading AC.1.002 User Access Restrictions (CMMC Level 1)
Category Archives: General Security
AC.1.001 Basic Security Requirements (CMMC Level 1)
Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
The post AC.1.001 Basic Security Requirements (CMMC Level 1) appeared first on Security Boulevard.
Continue reading AC.1.001 Basic Security Requirements (CMMC Level 1)
CMMC Level 1 requirements?
The CMMC repeatedly states that CMMC Level 1 maturity is “performed”. Not documented, not managed, and definitely not optimized. Continue reading CMMC Level 1 requirements?
Reactive vs. proactive security: Three benefits of a proactive cybersecurity strategy
Introduction I’ve been writing cybersecurity articles for many years, and in that time, I have only seen increasingly complex security threats. Cybercriminals take their craft seriously. They treat cybercrime as a business, looking for ways to maximiz… Continue reading Reactive vs. proactive security: Three benefits of a proactive cybersecurity strategy
2020 Verizon Data Breach Investigations Report: Summary and key findings for security professionals
Introduction The Verizon Data Breach Investigations Report, or the Verizon Data Breach Report, is an annual report intended for information security professionals. It summarizes 3,950 confirmed data breaches and is a collection of work from 81 contribu… Continue reading 2020 Verizon Data Breach Investigations Report: Summary and key findings for security professionals
Cost of non-compliance: 8 largest data breach fines and penalties
Introduction Different regulations and laws will slap organizations with fines and penalties for data breaches. This is because the organization did not take the privacy of their data seriously. However, the authorities take this responsibility very se… Continue reading Cost of non-compliance: 8 largest data breach fines and penalties
Implementing a zero-trust model: The key to securing microservices
Introduction Organizations are increasingly integrating microservices into their software development processes. As noted by DZone, microservices break down software into multiple component services, thereby enabling organizations to deploy parts of an… Continue reading Implementing a zero-trust model: The key to securing microservices
Linux vulnerabilities: How unpatched servers lead to persistent backdoors
Vulnerability management is a challenge Humans make mistakes, software has bugs and some of these bugs are exploitable vulnerabilities. The existence of vulnerabilities in software is not a new…
Go on to the site to read the full article
The post Lin… Continue reading Linux vulnerabilities: How unpatched servers lead to persistent backdoors
CMMC Level 3 Control – Email Sandboxing (SI.3.220)
An overview for this control states an organization should utilize sandboxing to detect or block potentially malicious email. The action can prevent malicious files from entering the network and should be document in the Configuration Management Policy. Continue reading CMMC Level 3 Control – Email Sandboxing (SI.3.220)
CMMC Level 3 Control – Email Sandboxing (SI.3.220)
An overview for this control states an organization should utilize sandboxing to detect or block potentially malicious email. The action can prevent malicious files from entering the network and should be document in the Configuration Management Policy. Continue reading CMMC Level 3 Control – Email Sandboxing (SI.3.220)