When U.S. officials began publicly discussing the threat actor known as Salt Typhoon, it was clear this was something beyond mere disorganized attacks. But for compliance leaders, the more important question was how a campaign of this scale could operate for so long within systems that were supposed to be compliant?
At the center of this gap is a concept many organizations believe they have already addressed… namely, rootkits.
The modern compliance landscape is about protecting against ongoing attacks, and APTs are the big bad of this mission. A new APT, Scattered Spider, has quickly become one of the most high-profile threat actors in modern cybersecurity, specifically because it’s using APT tactics while flipping the script on how they work.
This group offers a wake-up call: even the most security-conscious organizations are still dangerously reliant on outdated assumptions about trust, identity, and vendor access. It’s up to you and your compliance partners to understand these threats and how to adapt.
As the cyber threat landscape becomes increasingly dominated by state-sponsored actors and advanced persistent threats, the DoD has taken critical steps to evolve its cybersecurity requirements for defense contractors.
For contractors handling Controlled Unclassified Information (CUI) and seeking to achieve CMMC Level 3, the NIST SP 800-172 Enhanced Security Requirements represent the most stringent technical and procedural benchmarks currently required in the Department of Defense (DOD) Industrial Base (DIB).
This article examines the practical application of NIST 800-172 controls, focusing on the advanced security capabilities, resilience engineering, and operational maturity required for high-trust environments.