Government January 20, 2023

How Much is the U.S. Investing in Cyber (And is it Enough)?

3 min read - It’s no secret that cyberattacks in the U.S. are increasing in frequency and sophistication. Since cyber crime impacts millions of businesses and individuals, many look to the government to see what it’s doing to anticipate, prevent and deal with these…

Zero Trust January 16, 2023

What to Know About the Pentagon’s New Push for Zero Trust

4 min read - The Pentagon is taking cybersecurity to the next level — and they’re helping organizations of all kinds do the same. Here’s how the U.S. Department of Defense is implementing zero trust and why this matters to all businesses and organizations.…

Risk Management December 21, 2022

Don’t Wait to Embrace CISA’s Vulnerability Management Rules

4 min read - Vulnerability management is the time-consuming process of finding and patching a seemingly unlimited number of potential risks. The National Institute of Standards and Technology (NIST) reports more than 23,000 new vulnerabilities for 2022, where more than 17,000 are classified as…

CISO December 8, 2022

What CISOs Should Know About CIRCIA Incident Reporting

4 min read - In March of 2022, a new federal law was adopted: the Cyber Incident Reporting Critical Infrastructure Act (CIRCIA). This new legislation focuses on reporting requirements related to cybersecurity incidents and ransomware payments. The key takeaway: covered entities in critical infrastructure…

News November 30, 2022

Abuse of Privilege Enabled Long-Term DIB Organization Hack

2 min read - From November 2021 through January 2022, the Cybersecurity and Infrastructure Security Agency (CISA) responded to an advanced cyberattack on a Defense Industrial Base (DIB) organization’s enterprise network. During that time frame, advanced persistent threat (APT) adversaries used an open-source toolkit…

CISO November 10, 2022

Reporting Healthcare Cyber Incidents Under New CIRCIA Rules

4 min read - Numerous high-profile cybersecurity events in recent years, such as the Colonial Pipeline and SolarWinds attacks, spurred the US government to implement new legislation. In response to the growing threat, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act…

Intelligence & Analytics November 3, 2022

Overcoming Distrust in Information Sharing: What More is There to Do?

4 min read - As cyber threats increase in frequency and intensity worldwide, it has never been more crucial for governments and private organizations to work together to identify, analyze and combat attacks. Yet while the federal government has strongly supported this model of…

News October 19, 2022

CISA: Industrial Attacks Could Remotely Control Devices

2 min read - A joint federal Cybersecurity Advisory warns that certain advanced persistent threat actors can obtain full access to the industrial control system (ICS) and data acquisition (SCADA) devices. These systems, found in nearly every industrial sector, can then fall prey to…

Zero Trust September 29, 2022

What CISOs Want to See From NIST’s Impending Zero Trust Guidelines

3 min read - Cybersecurity at U.S. federal agencies has been running behind the times for years. It took an executive order by President Joe Biden to kickstart a fix across the agencies. The government initiative also serves as a wake-up call to enterprises…

Government September 15, 2022

A Response Guide for New NSA and CISA Vulnerabilities

3 min read - The Cybersecurity and Infrastructure Security Agency (CISA) recently published a report highlighting a range of critical security vulnerabilities requiring attention from organizations of all types. The report was published with input from the National Security Agency (NSA) and similar agencies…