The Early Bird Gets the Worm, When It Comes to CMMC and the DIB

This article originally appeared on SteelCloud’s official blog site. The Department of Defense’s CMMC (Cybersecurity Maturity Model Certification) program has undergone multiple changes, revisions, updates, and organizational shifts over the last two and a half years. As a result, DoD…

Why a zero trust framework is the most effective at securing federal agency networks

As malicious cyber actors continue to improve and refine their techniques of penetrating and exploiting vulnerabilities in federal government agency networks, the single verification cybersecurity models that agencies have historically implemented are no longer capable of preventing breaches and attacks.…

Federal Zero Trust: Agencies have questions, Quest and DLT have answers

In the last few years, there has been a dramatic increase in both the number and sophistication levels of cyberattacks against federal agencies. And with a record number of federal employees relying on remote work technologies, agency network perimeters are…

NIST, NSA, DoD, or HHS – which zero trust recommendation makes the most sense?

In May of this year, the Biden Administration released an executive order focusing on cybersecurity that mandated government agencies put a zero trust plan on paper within 60 days. This executive order certainly made headlines within and around the Beltway,…

What your organization needs to know about CMMC

The Cybersecurity Maturity Model Certification (CMMC) is a new requirement from the U.S. Department of Defense (DoD). It mandates that DoD contractors obtain third-party certification to ensure appropriate levels of cybersecurity practices are in place to meet “basic cyber hygiene,” as well…

“Some Things Haven’t Changed” – Chris Wilkinson discusses the difficult task of defending government networks

Just last month, the Prime Minister of Australia, Scott Morrison, announced that his country was facing a massive cyberattack that was impacting, “Australian organizations across a range of sectors, including all levels of government, industry, political organizations, education, health, essential…

Zero Trust: Buzzword or hack-buster?

Trust but verify: a Russian proverb Ronald Reagan often used to characterize U.S.-Russia relations, especially regarding nuclear weapons. The Internet has made it clear that the “trust” part of the proverb may not work so well. Today, we may have…

Practice makes perfect – honing incident response skills

Practice makes perfect. It’s a cliché for a reason, because it’s very true. The more you work at a particular skill or task, the better and more proficient that you become at it. Unfortunately for the cyberwarriors that are tasked…

Compliance – is it becoming too big of a thing?

You have heard it enough to make you aim a fire extinguisher at your firewall: “compliance does not mean security.” Compliance work can consume up to 70 percent of security budgets in federal government agencies, and it is common to…