GAO: Federal Agencies Still Vulnerable to Cyber Attacks

The Government Accountability Office (GAO) says in a new study, GAO-19-105: Federal Information Security, that most federal agencies are falling behind on implementing federal cyber security standards. The study said federal agencies need improvement and called on the agencies to do a better job protecting against intrusions. The GAO uses the NIST Cybersecurity Framework (CSF) to…

GSA Simplifies Categories for IT-70 HACS SINs

The General Services Administration (GSA) announced changes to the Information Technology Schedule 70 (IT-70) Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs) on November 14, consolidating its cyber security contract vehicles. The main change is the addition of a new sub-category covering the High Value Assets (HVAs) to be in line with Office of Management and Budget…

Vulnerability Assessments Overview: An Essential Component to Your Cyber Security Program

In this week’s blog we’ll share a vulnerability assessments overview and discuss how they can help you find holes in your security programs before malicious hackers can take advantage of them. Lauren Bellero spoke with Keith Melancon to get his thoughts on this topic. Keith oversees Delta Risk’s work with the Department of Defense (DoD)…

Advice for New CISOs: How to Get a Head Start on Information Security Governance

A new Chief Information Security Officer (CISO) starting the first day on the job has many challenges to juggle – navigating infrastructure complexity, keeping up with ever-changing compliance and regulatory requirements, working through team skills shortages, and overcoming inadequate funding. In April, the Ponemon Institute surveyed more than 500 CISOs to assess their level of preparedness for…

9 Cyber Security Tips SMBs Can Implement Now

Although organizations of all sizes are targeted by cyber criminals, small and medium-sized businesses (SMBs) have turned into a preferred target. In fact, according to Aberdeen research, the risk of a single data breach is 63 percent higher for SMBs than it is for larger organizations with over 1,000 employees. Overall, The Ponemon Institute’s 2017 State of…

Top 3 Tips For Building an Effective Cyber Training Program

Identifying and matching organizational roles with the correct cyber security training content is critical, but it is also important to manage programs at every step to get maximum value from them. Program management means ensuring your training objectives match organizational roles, and following up training with practice runs and refreshers to keep specific skill sets…