How FISMA is helping protect federal IT networks
Jul 13, 2021
The Federal Information Security Management Act, or FISMA, was passed by the United States Congress in 2002 in response to growing concern over cybersecurity threats against federal IT networks. Through FISMA, the US government sought to enhance its cybersecurity maturity and reduce the risk to federal information and data.
What types of cyberattacks are on the rise?
Jun 11, 2021
In the weeks and months after a cyberattack on a high-value target, such as SolarWinds, Colonial Pipeline, or JBS, the industry will dissect the event in an attempt to find solutions to help us prevent future events like this. While we learn from this analysis, we know that we must remain vigilant on all fronts as our adversaries are becoming increasingly determined, well-resourced, and agile.
How can collaboration support Supply Chain Risk Management?
Jun 02, 2021
There has long been recognition that the supply chain represents a ‘soft underbelly’ for the US government from a cybersecurity perspective.
Setting realistic expectations for preventing ransomware attacks
May 25, 2021
In the aftermath of the recent high-profile ransomware attack on Colonial Pipeline, the company responsible for transporting 45 per cent of oil consumed on the United States east coast, the general public has experienced clear and tangible consequences in a way that it did not after the SolarWinds hack last year.
CMMC Renews Focus on OSCAL
May 21, 2021
The National Institute of Standards and Technology (NIST) is developing OSCAL as a standardized, data-centric framework that can be applied to an information system for documenting and assessing its security controls, which can then be used to evidence compliance against different frameworks.