Small and medium-sized businesses are particularly vulnerable due to limited IT and security resources and expertise, which can hinder their ability to build software for government agencies and contractors.

Standards exist to help these businesses stay in the game and remain competitive in a crowded software market, however. Specifically, the Secure Software Development Framework (SSDF). NIST Special Publication 800-218 provides a comprehensive guide to the SSDF, developing secure software, reducing vulnerabilities, and mitigating risks.

This article guides SMBs through implementing NIST 800-218, enhancing their security posture, and ensuring compliance with industry standards.

Awareness

Log4Shell Revisited: Costs and Fallout

Jul 24, 2024 Continuum GRC 0 Comment

Two years ago, we wrote about the emerging zero-day exploit Log4Shell and its impact on various systems. A new report from Skybox Security (covering vulnerability trends in 2023) calls this exploit the top vulnerability of the year.

This article will revisit the Log4Shell exploit and how it has played out since our last coverage.

Awareness Continuum GRC

Cybersecurity and the NTIS Death Master File

Jul 18, 2024 Continuum GRC 0 Comment

Across government and private organizations, the need to match records and confirm death has become a major concern. People who take out credit or receive benefits do so because they are living, and once they pass, there must be a way to align the state of their benefits and finances. This is where the NTIS Death Master File comes in.

This collection of records helps organizations track the deaths of social security beneficiaries. It contains private information that needs to be protected.