Cloud Readiness Assessment: Is Your Organization Ready to Move to the Cloud?

Cloud Readiness Assessment

Art Clomera, Vice President, Operations

The benefits of migrating mission-critical systems and data to the cloud are many and well-documented: agility, access to cutting-edge technology, cost savings, efficiency, scalability, and resilience. But before diving headfirst, how do you know if your organization is ready for the transition? Enter the cloud readiness assessment. The Cloud […]

Aligning cybersecurity with GRC: The best GRC tools for 2025

GRC Tools

Art Clomera, Vice President, Operations

Most organizations succeed (or falter) based on the information they keep and the sophistication with which they can manage it. It’s why having the right GRC tools in place to help manage governance, risk management, and compliance (GRC) issues around information has become a standard organizational strategy. While CISOs […]

The Top 9 Cybersecurity Tools and Software for 2025

2024 Cybersecurity Tools

Art Clomera, Vice President, Operations

2024’s cybersecurity landscape demands a new breed of cybersecurity tools, ones that blend cutting-edge technology with predictive intelligence, advanced analytics, and adaptive strategies. Deep learning algorithms and comprehensive data analysis empower these tools to be proactive and predictive, seamlessly integrating into cloud, on-premises, and hybrid environments. This year’s challenges are […]

What is a POAM? (Including a POAM Template and Example)

Art Clomera, CTO, Federal Services

Wouldn’t perfection be great? Everyone, every organization, every system working exactly the way they should with inexhaustible, flawless precision from the word “Go.” Never worrying about something not going exactly as planned. It sounds pretty great but also pretty impossible… (even boring). Perfection in the world of cyber security […]

Demystifying CUI: Your Comprehensive Guide for 2025

What is Controlled Unclassified Information (CUI)?

Art Clomera, Vice President, Operations

What is Controlled Unclassified Information (CUI)? The era of CUI before Executive Order 13556 was fragmented, haphazard, and far leakier than it is today. Each agency had its own rules and procedures for handling unclassified information, leading to a complex, confusing jumble of policies. Sharing information across multiple government […]

GRC in Cybersecurity: Why is it Important? 

Art Clomera, Vice President, Operations

Simply put, Governance, Risk, and Compliance (GRC) in cybersecurity fosters a culture of transparency, accountability, and trust by promoting good governance, effective risk management, and regulatory compliance. It originated from the Open Compliance and Ethics Group (OCEG) in 2002 and has become indispensable due to the increasing complexity of cybersecurity […]

From Risk to Authorization: Understanding ATO in Cybersecurity

ATO in Cybersecurity

Art Clomera, Vice President, Operations

The Authorization to Operate (ATO) is crucial for the US Federal Government and the Department of Defense (DoD). It represents an official management decision granted by a senior organizational official. The ATO Cybersecurity decision authorizes the operation of an information system and explicitly acknowledges the associated risks to agency operations, […]

Mastering NIST 800-30: A Guide to Effective Risk Assessments

NIST 800-30

Art Clomera, Vice President, Operations

In the aftermath of several high-profile breaches and attacks on federal agencies this year, NIST 800-30 helps to translate the intricate vulnerabilities and countermeasures in ways that executive leadership overseeing the agency’s policy implementation can understand. Sharing information enables decision-makers to understand the full extent of the threat landscape in […]

Mastering POA&M Management: Strategies for Effective Continuous Monitoring and Success

POAM Risk Management

Art Clomera, Vice President, Operations

Plan of Action & Milestones (POA&M) management is the act of compiling a must-do list outlining the actions and milestones needed to address security vulnerabilities and weaknesses within an information system. To this end, a POA&M is a potent management tool because deadlines are assigned for each task, and team […]

Your Shield Against Threats: NIST Security Controls Explained (with Examples)

NIST Security Controls Explained

Art Clomera, Vice President, Operations

Federal agencies would be paralyzed without the data centers and software systems that store and process data. But many cyberattacks aren’t politically motivated. Government agencies worldwide are often targeted for the vast quantities of personal information they keep about citizens. The market for this stolen data is more lucrative than […]