Blog

Data exfiltration is a growing concern among businesses and governments alike. After all, data is the most valuable asset second to people that an organization has. The Cybersecurity Maturity Model Certification (CMMC) is the government’s response to data exfiltration. It’s an attempt to bolster cybersecurity among the defense industrial base (DIB) and is becoming a requirement for defense contractors performing work for the Department of Defense (DoD).

One of the best business books I have read is “Start with Why” by Simon Sinek. The reason I liked it so much is the author makes the point that many of the great companies in America have a noble cause as their mission that differentiate them from their competitors.

Regardless of your organization’s security posture, a NIST cyber risk assessment can add immense value to your business. The National Institute of Standards and Technology, or more commonly known as NIST, is a non-regulatory federal agency that develops standards for a plethora of commonly relied on services and products.

Security awareness increasing, but numbers show employees are still not listening

Wondering what to expect as you go through your first SOC 2 Audit?  This post covers each step of the process.  At every step, keep in mind that the entire goal of the SOC 2 audit is to measure how well your organization handles its business processes, users, data (proprietary, customer, etc.). A SOC 2 security audit can help your company demonstrate it has applied the best control mechanism to assure security, availability, processing integrity, confidentiality, and privacy of client data. This then generates trust and confidence from inquiring vendors and prospective customers.

It is no secret that many protests have erupted after the death last month of George Floyd. However, a lesser-known fact is that a significant amount of online protesting has also emerged. This blog aims to focus on how protestors and various social organizations are using hacking as a vehicle to accomplish their objectives. The term ‘hacktivist” is used to describe cyber threat actors who are politically motivated.

Whether or not companies want to admit it, every company is in the cybersecurity industry. This even applies to organizations like manufacturing who are not historically associated with technology. Unfortunately, in the age of digital transformation, many companies believe that simply allocating a couple of bucks to purchase “state of the art” security tools is enough to fend off threat actors. In an analysis conducted by the well respected FireEye Mandiant Security Validation team, it was uncovered that 53% of successful intrusions remain undetected despite having several security products. The research indicates that the majority of organizations need an overhaul of their cybersecurity strategy. In a previous article, we examined how the saturated vendor market has encouraged organizations to hastily purchase tools without really considering their organization’s specific need and thus, giving them a false sense of security. However, this blog seeks to expose why high ticketed solutions are unable to effectively detect and prevent the growing number of cyber-attacks.

In a global survey commissioned by Barracuda, a prominent security company, 46% of global businesses have encountered at least one cyber scare since adopting a remote workforce as a result of the stay at home orders from COVID-19. While the security scares vary in severity, they all present a diverse range of new risks, threats, and challenges for organizations. These elements are only expected to increase as cybercriminals seize the situation to make a profit or nation-states try to gather intel.