The topic I’m going to focus on today is updating outdated operating systems and other aspects of tech refresh as part of vulnerability management, which is one of the most critical tasks for a cyber security professional. This task comes in at #3 on the Center for Internet Security’s (CIS) Top 20 control listing. While vulnerability management is listed as a…
Author: Keith Melancon
GAO: Federal Agencies Still Vulnerable to Cyber Attacks
The Government Accountability Office (GAO) says in a new study, GAO-19-105: Federal Information Security, that most federal agencies are falling behind on implementing federal cyber security standards. The study said federal agencies need improvement and called on the agencies to do a better job protecting against intrusions. The GAO uses the NIST Cybersecurity Framework (CSF) to…
GSA Simplifies Categories for IT-70 HACS SINs
The General Services Administration (GSA) announced changes to the Information Technology Schedule 70 (IT-70) Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs) on November 14, consolidating its cyber security contract vehicles. The main change is the addition of a new sub-category covering the High Value Assets (HVAs) to be in line with Office of Management and Budget…
4 Big Security Lessons from the Marriott Starwood Data Breach
The Marriott Starwood data breach has potentially exposed details of up to 500 million customers, which would place it well above the Experian breach of 2017 (143 million records) and the Anthem breach of 2015 (78.7 million records). Hackers are said to have copied and encrypted information after gaining access to data. That information included personal…
Vulnerability Assessments Overview: An Essential Component to Your Cyber Security Program
In this week’s blog we’ll share a vulnerability assessments overview and discuss how they can help you find holes in your security programs before malicious hackers can take advantage of them. Lauren Bellero spoke with Keith Melancon to get his thoughts on this topic. Keith oversees Delta Risk’s work with the Department of Defense (DoD)…
Protecting Critical Infrastructure: Why Cyber Security is Important
The fourth and final blog in our series as part of National Cybersecurity Awareness Month (NCSAM) focuses on the theme of protecting critical infrastructure. Most of the time, we don’t notice critical infrastructure until a disruption happens. The recent hurricanes have highlighted the frustrations that occur when cell phone service, roads, electricity, and water service are unavailable, even…