I have noticed something recently from some members of the CMMC consulting community. Create fear. Statements like CMMC will be in contracts in May of next year and if you are not CMMC compliant you will not be able to get DoD contracts are in their sales pieces. Here is the reality. CMMC is really […]
The only way that any company is going to get to real security is if they get to Secure by Design. What does that mean? Well, there is no hard and fast definition, but here are some good suggestions:
LIMIT SHADOW IT
You can’t protect what you don’t know is there. Shadow IT also has […]
The All Writs Act is a law that dates back to the late 1700s. It allows the government to force companies to do all sorts of things. Completely legally. Usually very quietly. In this case the government was trying to find a Russian national, Aleksey Burkov. The government wanted to track him so that he […]
TSA Updates Cybersecurity Guidelines for Pipeline Operators
After the Colonial Pipeline meltdown last year, TSA, which regulates pipeline cybersecurity (don’t ask), issued a set of regulations for pipeline operators to follow. Given that TSA had fewer than a dozen people in its cybersecurity department and zero industrial IoT expertise, it is not a surprise that […]
Voyager Digital is a cryptocurrency “bank”. It isn’t regulated like a bank, which is a problem for users. They have debit cards and make loans. They trade crypto. Accept deposits. They also offered insane “rewards” (12%) so they could invest in the crypto space. In order to fuel these crazy payouts, they had to make risky […]
As loss payouts on cyber policies continue to increase, carriers are looking for ways to get out of paying. Since cyber insurance is a non-standard-form policy, you really have to read it carefully to understand whether you are complying. For example, in reviewing one client’s policy, we discovered that if the client did not perform […]