The Government Accountability Office (GAO) says in a new study, GAO-19-105: Federal Information Security, that most federal agencies are falling behind on implementing federal cyber security standards. The study said federal agencies need improvement and called on the agencies to do a better job protecting against intrusions. The GAO uses the NIST Cybersecurity Framework (CSF) to… Read More
The General Services Administration (GSA) announced changes to the Information Technology Schedule 70 (IT-70) Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs) on November 14, consolidating its cyber security contract vehicles. The main change is the addition of a new sub-category covering the High Value Assets (HVAs) to be in line with Office of Management and Budget… Read More
In this week’s blog we’ll share a vulnerability assessments overview and discuss how they can help you find holes in your security programs before malicious hackers can take advantage of them. Lauren Bellero spoke with Keith Melancon to get his thoughts on this topic. Keith oversees Delta Risk’s work with the Department of Defense (DoD)… Read More
A new Chief Information Security Officer (CISO) starting the first day on the job has many challenges to juggle – navigating infrastructure complexity, keeping up with ever-changing compliance and regulatory requirements, working through team skills shortages, and overcoming inadequate funding. In April, the Ponemon Institute surveyed more than 500 CISOs to assess their level of preparedness for… Read More
Although organizations of all sizes are targeted by cyber criminals, small and medium-sized businesses (SMBs) have turned into a preferred target. In fact, according to Aberdeen research, the risk of a single data breach is 63 percent higher for SMBs than it is for larger organizations with over 1,000 employees. Overall, The Ponemon Institute’s 2017 State of… Read More
Identifying and matching organizational roles with the correct cyber security training content is critical, but it is also important to manage programs at every step to get maximum value from them. Program management means ensuring your training objectives match organizational roles, and following up training with practice runs and refreshers to keep specific skill sets… Read More