Since the Cybersecurity Maturity Model Certification (CMMC) was released in January 2020, there has been a lot of hand-wringing over what it means and who should actually care. This is especially true for AEC firms, many of which figure this regulation only applies to big system integrators and defense contractors like Northrup Grumman and Boeing. But CMMC isn’t just about large enterprises. Any organization that currently contracts with, or plans to contract with the U.S.

These days, when I cautiously venture to my favourite shopping mall on a weekend, I notice how different it is from a year-and-a-half ago, when no one had ever heard of COVID-19. It is busy, but not nearly as busy as it was back then. Sadly, I can rarely find my shoe size as merchandise stocks are low due to COVID-related supply chain issues.

Search engine optimization is one of the most important aspects of any business’s online marketing strategy. A well-maintained SEO plan provides a low-cost, long-term stream of relevant traffic into a website. Conversely, bad SEO can be very damaging to a business. Poor visibility on search engines like Google hands revenue over to competitors, forces higher spend on PPC advertising, and can damage trust with potential customers searching for you online.

Achieving a culture of DevSecOps is possible with the help of solutions like Intelligent Orchestration and Code Dx. As a trusted adviser to my clients, I use my unparalleled experience with a broad range of security tools to help them build and mature security programs. I work tirelessly to help them break down silos, facilitate collaborative change, create a culture of lean learning, and ensure continuous feedback and sharing, so they can build pipelines that are intelligent and risk-based.

For those who have played our Boss of the SOC competition or attended our security workshops, you are undoubtedly aware of Frothly, but in case you are not, here is a quick primer. Frothly is a fictional brewing supply company based in San Francisco who has successes and challenges, just like any other organization.

Already a significant concern before 2021, this year has revitalized cybersecurity as a top priority for every organization. Highly consequential cybersecurity incidents at companies like Colonial Pipeline, Kaseya, and T-Mobile brought front-page coverage to the issue, while cybersecurity attacks on small and medium-sized businesses soared, spreading the reach of threat actors.

As the COVID pandemic swept the world in 2020 and changed the way we travel and do business, other disruptions happened too: large wildfires driven by climate change, and a volatile domestic political scene pressured corporate policies over diversity and other social issues — and that’s just what happened in the United States.

It’s impossible to predict every risk that could affect your organization. Cyber attacks, ransomware, natural disasters, and power outages are all potential threats that could disrupt your business. While prevention is key, you must prepare for interruptions to your daily operations. That is why a business continuity plan — a detailed plan that explains how your company will continue to operate in the event of a disruption — is so crucial for your risk management program.

Ransomware attacks are here to stay, so it is vital to be prepared and don't become a statistic. Here are 5 tips to help protect your organization.

It has been a tough few months for Microsoft. After the SolarWinds/NOBELLIUM attacks, Microsoft Exchange customers were afflicted with a slew of vulnerabilities. In March 2021, the ProxyLogon vulnerability emerged, followed by an exploit that surfaced in April 2021 called NSA Meeting. In August 2021, Orange Tsai released a series of new vulnerabilities called ProxyOracle and ProxyShell, followed by the discovery of another Proxy flaw, dubbed ProxyToken.