News & Media

Apr

17

Apr 17, 2023

The Department of Defense is working with civilian government departments to impose a new Federal Acquisition Regulation (FAR) rule that requires contractors supporting these agencies to meet new cybersecurity requirements, along the lines of the DoD’s Cybersecurity Maturity Model Certification (CMMC) program. Plans for greater alignment were shared by the chief of defense industrial base cybersecurity at the Office of the DoD CIO, Stacy Bostjanick, at a virtual event early this month.

Read more

SHARE

Apr

13

Apr 13, 2023

March 2022 saw the release of PCI DSS v4.0, the most significant change to the standard since 2004. We are currently in the transition period between v3.2.1 and v4.0 and now is the time for organizations to begin implementing controls in preparation for meeting the updated requirements.

Read more

SHARE

Mar

29

Mar 29, 2023

New Research Suggests Current Approach to Misconfiguration Detection in Commercial Critical National Infrastructure (CNI) Networks Results in Unquantifiable Levels of Compliance Risk

Read more

SHARE

Mar

15

Mar 15, 2023

The U.S. Securities and Exchange Commission (SEC) recently announced their intentions to finalize new rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and cybersecurity incident reporting by companies. Public companies need to familiarize themselves with the proposed changes and make the necessary preparations to ensure compliance.

Read more

SHARE

Jan

18

Jan 18, 2023

In December 2021 news of a critical vulnerability in the Apache Log4j software made the headlines. While it has now been more than one year since the initial alert, and despite patches being released, the vulnerability persists.

Read more

SHARE