Cyber Security News

What we’re talking about

maintaining a CMMC program
Cyber Security

Maintaining a CMMC Program – Best Practices

Maintaining a CMMC program requires that organizations engage management system principles in their daily cybersecurity programs.  These activities will be essential for Department of Defense (DoD) contractors to remain compliant. Current CMMC Requirements Currently CMMC 2.0 requirements are divided into three levels of compliance: CMMC Level 1 – Foundational is comprised of the 17 practices

Read More »
Huawei and ZTE
Cyber Security

Huawei and ZTE Designated Threats to Security

The Federal Communications Commission (FCC) and Homeland Security Bureau have designated Huawei and ZTE as threats to U.S. national security.  Because both Chinese companies are subject to the Chinese Communist Party, they are required by law to cooperate with China’s intelligence gathering activities.  China has developed an arsenal of cyber capabilities to target U.S. information

Read More »
FBI Concerns about TikTok
Cyber Security

FBI Concerns About TikTok User Data

FBI concerns about TikTok’s use of U.S. citizens’ user data were conveyed to the House Committee on Homeland Security by Director Christopher Wray.  The Chinese owned social media app currently has over one billion monthly users.  Among the FBI’s concerns is that the Chinese government could conduct influence operations with the app or use it

Read More »
IoT Product Labeling Program
Cyber Security

IoT Product Labeling Program for Cybersecurity

In an effort to improve cybersecurity in the United States, the National Institute of Standards and Technology (NIST), Federal Trade Commission (FTC) and other federal government agencies are initiating an Information of Things (IoT) product labeling program for consumer devices.  This action is being taken as part of Executive Order (EO) 14028 to improve the

Read More »
iranian cybersecurity threats
Cyber Security

Iranian Cybersecurity Threats Continue Worldwide

The Truth About Iranian Cybersecurity Threats Given recent headlines, one might conclude that Iranian Cybersecurity threats were a new development.  In fact, Iran has been a player in the international cyber game since 2002 with the formation of the Ashiyane hacking forum to repress dissidents.  By 2007, government backed organizations had begun to develop sophisticated

Read More »
Quantum-Resistant Cryptographic Algorithms
Cyber Security

Quantum-Resistant Cryptographic Algorithms NIST

The National Institute of Standards and Technology (NIST) announced that they had selected four Quantum-Resistant Cryptographic Algorithms to address concerns of quantum computer cyber attacks against current encryption technologies.  The selection was made from respondents to a post-quantum cryptography standardization project. The Emerging World of Quantum Computing Quantum computers utilize certain phenomena of quantum mechanics

Read More »
florida state cybersecurity act
Cyber Security

Florida State Cybersecurity Act Revision

Amendments were signed into law to the Florida State Cybersecurity Act on July 1, 2022.  These revisions illustrate the gap between desired levels of information security and attained levels in both the public and private sectors. The Act, also known as the Cybersecurity Act applies to the Florida Digital Service (FLDS) and the heads of

Read More »
ISO 27001 cybersecurity
Cyber Security

ISO 27001 Cybersecurity Management System

ISO 27001 cybersecurity management is an effective Information Security Management System (ISMS) for organizations and businesses of all sizes.  It provides a means to ensure confidentiality, integrity, and availability of information in a system that can be harmonized with other management systems. The ISO Advantage There are numerous cyber security solutions for protecting confidential information. 

Read More »
nist cybersecurity for business
Cyber Security

NIST Cybersecurity for Business Applications

Integrating NIST cybersecurity for business applications into existing management system processes requires specialized implementation.  This is of special concern for organizations involved in contracting with the Department of Defense (DoD) that are adopting NIST SP 800-171 to meet Cybersecurity Maturity Model Certification (CMMC) requirements.   A major issue in this integration, is that the NIST cybersecurity

Read More »
challenges in adopting CMMC standards
Cyber Security

Challenges in Adopting CMMC Standards

Many small businesses owners have expressed concerns about the challenges in adopting CMMC standards.  While the Department of Defense (DoD) has been stressing the necessity for contractors to reach various levels of Cybersecurity Maturity Model Certification (CMMC) for years now, many businesses are at a loss as to how to implement an effective program despite

Read More »
IoT Device Cybersecurity
Cyber Security

IoT Device Cybersecurity Guidance for Industry

Internet of Things (IOT) cybersecurity is becoming an issue of increasing concern as these devices continue to secure a larger marketplace presence.  This is due to the fact that IoT solutions are a cost effective means of achieving integration of connected devices.  IoT include smart home products, wearable technology, health monitoring devices, alarm systems, and

Read More »
Economic Espionage by China
Cyber Security

Economic Espionage by China Threatens United States

Economic Espionage by China Continues in Every Sector in the United States Economic espionage efforts by China continue to pose a serious threat to the United States in both public and private sectors.  In the public sector hacking groups backed by the People’s Republic of China have infiltrated local and federal agencies.  These persistent attacks

Read More »
Understanding CMMC Requirements
Cyber Security

Understanding CMMC Requirements for DoD Suppliers

Understanding CMMC Requirements is critical for businesses of all sizes in the defense industry.  This need is becoming more urgent as final release of CMMC 2.0 is expected to occur in 2023.  Failure to achieve an appropriate level of Cybersecurity Maturity Model Certification in a timely manner may impede an organization’s ability to participate in

Read More »
messaging app security
Cyber Security

Messaging App Security and Information Privacy

Many users take messaging app security for granted when sending text messages, voice messages, photos, and videos.  However, not all apps secure messaging data equally.  This is a concern for both organizations and individuals who wish to ensure the confidentiality, integrity, and authenticity of information transferred between authorized users. Elements of Messaging Security Messaging app

Read More »
Infrastructure and Manufacturing Cyberattacks
Cyber Security

Infrastructure and Manufacturing Cyberattacks Continue

Infrastructure and the manufacturing sector concerns pose tempting targets for cyberattacks.  Widespread effects that can harm vast sectors of society can occur when these systems are compromised. When considering Cyber Security first thoughts usually go to computers and information technology, but industrial devices and processes can fall victims as well.  On May of 2021 the

Read More »