Vince Lombardi, the famous football coach, used to start his training camp each season with a talk about doing the basics. He’d tell the players that they start with the basics, then he’d take a football and hold it up and tell them, “This is a football.” In football, as in life and IT Security, starting with the basics is the most important step you can take. Don’t assume anything. So, let us begin with the basics. CIS is the Center for Internet Security.

Remember that high school teacher who was never more than one chapter ahead of their students? Well that is me, in this blog. ¯\_(ツ)_/¯

The Cybersecurity Maturity Model Certification (CMMC), drafted by the Department of Defense (DoD), is a new standard set to enhance supply chain security and augment the NIST SP 800-171—Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations. A key difference between the NIST SP 800-171 and a CMMC is the removal of a self-attestation component in favor of a third-party assessor model.

LXC (LinuX Containers) is a OS-level virtualization technology that allows creation and running of multiple isolated Linux virtual environments (VE) on a single control host. These isolation levels or containers can be used to either sandbox specific applications, or to emulate an entirely new host. LXC uses Linux’s cgroups functionality, which was introduced in version 2.6.24 to allow the host CPU to better partition memory allocation into isolation levels called namespaces .

Office 365 HIPAA compliance is a pressing concern for an increasing number of healthcare companies. Microsoft’s robust cloud solution lets providers keep records and communicate with ease — but is it too easy? Can sensitive information really be protected if it’s stored in the cloud? Cloud computing has been making inroads into the healthcare industry for several years.

VPN stands for virtual private network. It allows you to hide your public IP address and browse privately on the internet without being tracked or watched. Basically, a VPN offers you a thick layer of privacy when using your home Wi-Fi or public. These networks were originally designed for big businesses and governments that wanted to keep their activities secret and secure.

Technology and elections are heavily interrelated – but it wasn’t always that way. We started to adopt technology once we weren’t able to fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it as technology, but the ballot box can be tampered with. That technology gave us ballot secrecy, a trait that a hand-raise in the town hall didn’t.

Ticketing systems are essential to today's enterprise IT help desk operations—without them, service requests and issues would end up lost inside a flurry of emails and handwritten notes. Both JIRA's Service Desk and ServiceNow are leading solutions in this category; the latter has a 25% share of the IT service management (ITSM) market, while Atlassian—though more software developer-focused—is a household name when it comes to project management and collaboration tools.

In the early days of SharePoint, installing a free version was fairly straight-forward and simple, and once in place, it would quickly catch on and spread across a single team, then expand between teams, and soon could be seen throughout the entire organization. In those early waves of growth, few paid much attention to the growing sprawl of sites and content.

Phishing attacks are a common attack vector for financial services organizations. Effective and simple to launch, phishing attacks challenge financial firms to protect their mobile workforce and harden their customer-facing apps. Mobile phishing, in particular, bypasses traditional perimeter defenses such as secure email gateways by targeting users via personal email, SMS and social messaging apps.