Insights

strategic planning

Charting a Course for 2022

Strategic planning is hard. Strategic planning during a worldwide pandemic, even harder. Organizations must contend with ongoing disruptions to the global supply chain, managing remote and hybrid workforces and simply keeping their employees from jumping ship. Now, rising inflation and the emergence of another concerning coronavirus variant may portend more

Read More »
ransomware attacks

Tis the Season for Ransomware Attacks

As we plan for the holidays, people are coordinating events with family and friends, checking off items on their gift lists and wrapping up year-end projects before taking some time off. In a warning issued last week, CISA and the FBI want us to add another item to our holiday

Read More »
cybersecurity partner

What to Look for in a Cybersecurity Partner

2021 has been a banner year for cybersecurity awareness. Large-scale attacks, such as the SolarWinds and Colonial Pipeline attacks, have dominated the headlines, and the number of data breaches reported in 2021 already exceeds last year’s total. Global spending on cybersecurity is predicted to reach $150 billion by the year’s

Read More »
fake job ads

Fraudsters Stealing Identities With Fake Job Ads

The labor market is experiencing major upheaval in response to the pandemic and corresponding rise in remote work. Employees are quitting jobs in record numbers, including 2.9 million in the month of August alone, and many workers laid off during the pandemic are still looking to re-enter the workforce. Scammers

Read More »
weakest cybersecurity link

The Weakest Cybersecurity Link

A central component of every cybersecurity program is vulnerability management—identifying weaknesses in the organization’s security posture and implementing controls to address them. Unpatched operating systems, poorly configured firewall rules and unencrypted databases are all chinks in an organization’s cyber armor, but the most critical cybersecurity vulnerability is people. Whether it’s

Read More »
hacktivism

The Resurgence of Hacktivism

After a period of decline, hacktivism is emerging again as a serious threat. This month, videogame streaming service Twitch was the victim of a massive breach that exposed creator payout reports and Twitch’s entire source code among other proprietary information. The 125GB data breach follows directly on the heels of

Read More »
diverse cyber workforce

Cultivating a Diverse Cyber Workforce

As any hiring manager looking to expand their security team can attest, there’s a dire shortage of cybersecurity professionals in today’s labor market. In the United States alone, there are nearly half a million unfilled job openings in the field. However, part of the problem is that organizations are limiting

Read More »
credential hijacking

Bad Actors Trade Malware for Credential Hijacking

The cyber threat landscape is undergoing an important shift as attackers choose stealthy credential-based attacks over malware. An annual threat report published by CrowdStrike last month revealed that 68% of threat detections from the past three months were malware free. The use of compromised credentials and existing system tools, rather

Read More »
cybersecurity myths

Debunking Cybersecurity Myths

Cybersecurity is a complex field that’s constantly changing to keep up with new technologies. These conditions make it fertile ground for misinformation that can lead to poor security practices. It’s National Cybersecurity Awareness Month, so it’s the perfect time to dispel a few common cybersecurity myths. Myth: Cyberattacks Always Come

Read More »
FedRAMP

A FedRAMP Progress Report

The Federal Risk and Authorization Management Program (FedRAMP) was launched in 2011 to drive forward the U.S. Government’s Cloud-First strategy. FedRAMP eliminated duplicative security assessment efforts by establishing a common accreditation for cloud service providers (CSPs). Once a cloud service offering (CSO) is FedRAMP-certified, any federal agency is permitted to

Read More »
healthcare

A Healthcare Security Checkup

As the healthcare sector continues to fight on the frontlines against the COVID-19 global pandemic, it faces the added challenge of warding off a steady rise in cyberattacks. Attacks against the American healthcare system increased by 55% in 2020, with more than a third of healthcare organizations globally suffering ransomware

Read More »
cybersecurity initiatives

The White House’s New Cybersecurity Initiatives

Two weeks ago, President Biden held a cybersecurity summit at the White House, where a raft of public and private initiatives were announced to improve the nation’s cybersecurity posture. CEOs of major technology companies, including Alphabet, Amazon, Apple and Microsoft, as well as banks, insurers and educational institutes were in

Read More »
CISA bad practices

CISA’s Bad Practices

The Cybersecurity and Infrastructure Security Agency (CISA) recently adopted a new tactic to improve the nation’s cyber defenses: rather than focus on what organizations should be doing to protect themselves, CISA’s new catalog of bad practices puts the spotlight on the worst security practices. The list currently contains three entries:

Read More »
c-suite

What the C-Suite Needs to Understand About Cybersecurity

Cybersecurity is the responsibility of everyone in an organization, but some positions have more responsibility than others. The C-suite has a unique role in establishing and maintaining the organization’s security culture. Employees align their behavior to signals from leadership, for instance, when determining if security protocols should be sidestepped to

Read More »
zero trust architecture

Is Zero Trust the Future?

In response to the recent onslaught of headline-grabbing security breaches, such as the attacks on SolarWinds and the Colonial Pipeline, the U.S. federal government is taking decisive steps toward a zero trust future. In May, the Biden Administration issued a cybersecurity executive order that, among other provisions, mandates that all

Read More »
privacy program

Is Your Privacy Program Enough?

According to the UN Conference on Trade and Development (UNCTAD), more than three-quarters of countries worldwide have or are working towards data protection and privacy legislation. Navigating these numerous and sometimes contradictory regulations present considerable challenges to organizations. In addition, enforcement actions for non-compliance come with severe monetary penalties and

Read More »
cyber hygiene

Are You Practicing Proper Cyber Hygiene?

Practicing good cyber hygiene means proactively maintaining the health and security of an information system by establishing routine processes to defend against cyber threats and attacks. It makes data less vulnerable to the risks present in the threat landscape and even helps to prevent information and data from being misplaced. Proper

Read More »
Cybersecurity Maturity Model Certification

Achieving Cybersecurity Maturity Model Certification

By the year 2026, organizations wishing to do business with the Department of Defense (DoD) must have Cybersecurity Maturity Model Certification (CMMC). The new CMMC framework applies to all prime contractors and subcontractors in the Defense Industrial Base (DIB), which consists of more than 300,000 organizations. What is CMMC? CMMC

Read More »
cybersecurity talent gap

Bridging the Cybersecurity Talent Gap

The global cybersecurity labor shortage is more than three million people, and there is a dire need for millions of cybersecurity professionals to fill available jobs, according to the (ISC)²’s 2020 Cybersecurity Workforce Study. Data in the report depicts an industry under intense pressure, forced to do more with fewer resources

Read More »
working from home

How Working from Home Changed Cybersecurity

During the pandemic, the shift to a remote workforce changed cybersecurity by decentralizing the office-based work environment. And it also hastened the adoption of preexisting expert guidance. The following is a deeper dive into how the WFH environment reshaped the way organizations approach cybersecurity. Addressing the Security Risks People were

Read More »

Learn more about our diverse set of technology services for the federal and commercial markets.