Organizations implementing a new corporate network may find it more practical to not deploy and manage an on-premises network infrastructure (e.g., a network with local internally managed servers). The cloud provides an attractive alternative. Data … Read more
Introduction Since its establishment in 2001, the Department of Defense (DOD) Cybersecurity Service Provider (CSSP) Program has progressively and systematically matured to become one of the most critical components of the Department’s Defense — In-Depth … Read more
A Case of Misplaced Trust A lot of trust is placed in certificate authorities. SSL/TLS on its’ own protects against a malicious actors. It does this by intercepting communications. However, certificate authorities do nothing to … Read more
Introduction Whether internal or external to the Department of Defense Information Network (DODIN), passive and active Defense Cyberspace Operations (DCO) are Cyberspace Operations (CO) intended to protect and defend the Department of Defense (DOD) or … Read more
Simplifying NIST SP 800-171 Compliance Process Since the contracting community has grown substantially, it also has led to a series of high profile breaches. These breaches involved the exfiltration of government data from contractors who … Read more
Globally, about 5 million data records are lost or stolen each day. For each theft, consumers spend an average of 20 hours and $770 to attempt to rectify their losses. Individuals’ reputations suffer, sometimes permanently. … Read more
The liberal, humanist foundations of western democracy in general (and American democracy in particular) are predicated on the idea that each person is valuable in and of himself or herself. From this thesis flows…
It is no secret that most small businesses nationwide are vulnerable to cyber-attacks, and fortunately for Maryland, stakeholders wanted to do something about it. Championed by elected officials – both Republicans and Democrats – with … Read more
While U.S. regulators typically issue cybersecurity guidance instead of strict cybersecurity regulations, the New York Department of Financial Services (NYDFS) broke the mold by issuing the most comprehensive and prescriptive state cybersecurity regulation (23 NYCRR 500)…
The 10TH Unified and 4TH Functional Combatant Command The United States (U.S.), along with its allies and potential foes, are witnessing an unprecedented fast–paced evolution of the 21st century cyberspace domain landscape. As it relates … Read more
