The GAO, formerly known as the General Accounting Office, works for Congress and does studies of how horribly inefficient the government is. In theory, that is so Congress can create new laws to make them do what any sensible organization would do without the laws. Here is one example. The GAO reviewed the security practice […]
Continue reading → [DISPLAY_ACURAX_ICONS]USTRANSCOM Starts CMMC Lite Now The DoD’s transportation command, the folks who are in charge of getting all the stuff that the military needs from where it is to where it needs to be, has announced that they are implementing a light version of CMMC NOW instead of waiting for the five years that it […]
Continue reading → [DISPLAY_ACURAX_ICONS]DoD Working on CMMC-Fedramp ‘Reciprocity’ by Year End CMMC, the DoD’s new cybersecurity standard is designed to measure security practices of companies and the servers in the computer rooms and data centers. But what about the stuff in the cloud. That is covered by another government standard called FedRAMP. But those two standards have different […]
Continue reading → [DISPLAY_ACURAX_ICONS]US Bulk Energy Providers Must Report Attempted Breaches The Solar Winds attack, from what little we know about it, was bad enough, but what if it was Russia’s trial run for taking down the power grid like they did in Ukraine or taking out the water supply or gas supply? NERC, the electric utility regulator, […]
Continue reading → [DISPLAY_ACURAX_ICONS]This seems to keep coming up, so maybe spending a little time on the subject might be helpful. The security or privacy team creates this form for users to acknowledge something or approve something and then hand it off. Marketing gets in the middle of it to make it look pretty. Developers then take a […]
Continue reading → [DISPLAY_ACURAX_ICONS]Three separate ransomware stories – all against healthcare organizations, even though SOME hackers SAID they weren’t going to hack healthcare. Of course, what makes you think you can trust folks who break the law for a living. #1 – Largest Private Hospital Company in Europe Hit By Ransomware Fresenius, is Europe’s largest hospital operator and […]
Continue reading → [DISPLAY_ACURAX_ICONS]