CMMC, NIST 800-172, and Advanced Persistent Threats

persistent threat computer button

As organizations move up the CMMC maturity model, they do so for one reason: to prepare themselves better to protect against Advanced Persistent Threats (APTs). These threats are a significant problem in the defense supply chain, and as such, CMMC leans heavily on NIST 800-171 and 800-172 to address them. 

This article introduces how these documents, particularly Special Publication 800-172, address APTs.


Read More

What Is Post-Quantum Cryptography and Apple’s PQ3?

post quantum cryptography featured

The existence of quantum computers on the horizon has shaken the cryptography world, and researchers and scientists have received a massive response to build feasible Post-Quantum Cryptography (PCQ). Recently, Apple has taken an enormous step forward by announcing their own PCQ systems, PQ3, in Apple devices. 

Learn more about PCQ and Apple’s announcement and the more significant impact of post-quantum encryption.

Read More

Incident Response and the Responsibility of Your Organization for Protecting Data

incident response plan featured

As the recent Ivanti security breaches indicate, the existence of a strong and effective incident response isn’t an option but a necessity. An incident response plan (IRP) is essential to prepare an organization to respond to any security incident effectively and on time. This plan spells out processes that an organization should undergo in case of a cybersecurity incident while reducing damage and time for recovery.

The IRP is at the heart of effective cybersecurity and effective compliance management. This article will cover the basics of these plans and IR best practices. 


Read More