Blog

FedRAMP: A Heavyweight Security Framework for Cloud Service Providers

You need FedRAMP if you want to prove your cloud service is secure enough for U.S. government data. Read the full September 6, 2018 article published on cybersecurityventures.com here. In its latest Compliance Report for Cybersecurity Ventures, Sera-Brynn shared how FedRAMP came into being, who should care, and why being FedRAMP-authorized is important for companies. “The…

Good Communications Planning Increases Resilience

By: Loren Dealy Mahler, President, Dealy Mahler Strategies, LLC

The last two years have given us a plethora of news headlines taking companies to task for incidents that exposed or directly compromised customer data. From very large events involving millions of financial records, to smaller events involving personal health information, the hits just keep coming. As…

Cyber Tips For Students Heading Off To College

Thousands of students will head off to college later this summer and fall and take with them laptops, smartphones, tablets, gaming consoles and myriad other electronic devices. But they are probably not taking the proper precautions against the risks posed by the use of those devices. Whether it’s having someone walk off with an unattended…

The Kaspersky Ban

October 1, 2018 Deadline for Government Contractors to Comply with the FAR Ban on Kaspersky Lab Products Nears

On October 1, 2018, U.S. government contractors will need to be compliant with the government-wide ban on the use of Kaspersky Lab products and services in support of their government contracts. An interim rule requiring the insertion…

The Heavyweight Rules and Concepts You Need to Know About FedRAMP

The first rule of FedRAMP is … You do not talk about FedRAMP! (Sorry, that’s of course a quote from Fight Club, a movie about an insomniac office worker looking to shake things up with, well… fighting.) The real first rule about FedRAMP is that companies should attain the certification to show that their cloud…

What Cyber Framework Should My Organization Follow?

What are Security Frameworks?

Security frameworks provide a calculated approach to determining risk, setting up a security strategy, and allocating security resources. They are (or should be) measurable, repeatable, and are often standardized by industry. With all the frameworks available…NIST, ISO, NERC CIP, PCI…which is right for your organization? Well the answer is…it depends. Where…

Self-Assessment and Re-Validation: Maintaining Compliance and Internal Cyber Audits Webinar

Webinar: Government Contracts Cyber Café Series — Self-Assessment and Re-Validation: Maintaining Compliance and Internal Cyber Audits

Registration is required to join this event. If you have not registered, please use the link below.

Date and time: Tuesday, August 21, 2018 8:30 am Eastern Daylight Time (New York, GMT-04:00)
Duration:…

IN THE NEWS: Sera-Brynn’s Colin Glover Comments on Recent Wells Fargo News Related to Lawsuits Filed by its Customers Regarding Fraudulent Debit Card Charges

By Alexandra Cline, Richmond Times-Dispatch
https://bit.ly/2Nf9kNy

Some consumers affected by the Wells Fargo debit card fraud issue of the past several months are not only fed up – they’re taking action. To date, two complaints have been filed with the Virginia Attorney General’s office about the fraud issue, said spokeswoman Charlotte Gomer. Another consumer also…

Why does your organization need a CISO?

By Crystal Silins, Senior Security Analyst

Most companies today employ a Chief Information Officer (CIO) or Chief Technology Officer (CTO), an executive responsible for all things IT for the organization. The CIO or CTO typically reports directly to the CEO, and educates executive management and employees on the business value and risk that IT systems…