Demystifying POAM: Definition, Template & Example Walkthrough
Art Clomera, CTO, Federal Services – Wouldn’t perfection be great? Everyone, every organization, every system working exactly the way they should with inexhaustible, flawless precision from the word “Go.” Never worrying about something not going exactly as planned. It sounds pretty great but also pretty impossible… (even boring). Perfection in the world of cyber security […]
NIST 800-53: What is it and What are the Control Families?
Art Clomera, Vice President, Operations Ensuring the security of information systems is a complex but necessary task that virtually every modern organization must undertake to some degree or another. One effective method of tackling information system security is to use the Risk Management Framework (RMF) developed by the National Institute of Standard and Technology (NIST). […]
Cybersecurity Automation: How to Strengthen Defense While Reducing Manual Work
Art Clomera Vice President, Operations India, the US, Indonesia, and China alone account for almost half of the total reported cyberattacks in the government sector. Threats, ranging from espionage to malware designed to disrupt critical national infrastructure, are a defining feature of modern geopolitical relations. This barrage demands always-on, predictive, continuously improving advanced cybersecurity measures. […]
Proactive IT Risk Management: Building Resilience in an Evolving Digital World
R. Shawn Elliott President and LLC Manager IPKeys Technologies, LLC | Chickasaw Nation Industries (CNI) 2024 brought some harsh cybersecurity lessons for everyone working in U.S. government cybersecurity. One major wake-up call came when Chinese hackers broke into several U.S. telecom networks in an attack dubbed Salt Typhoon. Then came an unexpected hit. CrowdStrike, which […]
NIST Security Controls Explained (with Examples)
Art Clomera Vice President, Operations Federal agencies would be paralyzed without the data centers and software systems that store and process data. But many cyberattacks aren’t politically motivated. Government agencies worldwide are often targeted for the vast quantities of personal information they keep about citizens. The market for this stolen data is more lucrative than […]
Key Insights from the NIST AI Risk Management Framework
Art Clomera Vice President, Operations The AI RMF is an extension of the NIST Risk Management Framework (RMF), tailored for artificial intelligence (AI) systems. It provides organizations with a structured approach to identify, assess and manage risks related to AI technologies throughout their lifecycle. The new battlefield is dominated by software and hardware. To navigate […]
What is DoD Impact Level 5 (IL5)?
Don’t let data breaches compromise your mission. The DoD IL5 standards protect information systems handling data that could devastate national security if breached.
How to Create a Comprehensive Access Control Policy: Template & Example
Art Clomera Vice President, Operations Granting access to a valuable resource is a question of trust (conditional authorization) and necessity (continuous authentication). For example, consider a company office building. Some areas are publicly accessible, while others are restricted to specific personnel. These restricted areas may have confidential information or sensitive equipment and therefore are limited […]
How to Conduct Cybersecurity Compliance Risk Assessments in 4 Steps
Shawn Elliott, Vice President, Federal Solutions In an organizational context, “being in compliance” refers to an organization conforming to the applicable standards and rules set by governing entities. These standards and rules can be both external (e.g. laws, industry standards, regulations) or internal (e.g. company policies). Failure to adhere to applicable standards can lead to […]
RMF Continuous Monitoring: How to Keep Your Cybersecurity Program Up to Date
Art Clomera Vice President, Operations In today’s fast-paced digital landscape, cybersecurity threats are constantly evolving, making it crucial for Federal agencies to keep their defenses current. Risk Management Framework (RMF) Continuous Monitoring is a process that enables organizations to keep a watchful eye on their cybersecurity program and respond to emerging threats in a timely […]
