So, you’re now a Security Control Assessor (SCA)
Elements of Good Audit Practices There are several activities that will help the security auditor prepare for a formal assessment. ...
Month: February 2019
DOD Cybersecurity gets (even more) Serious
What is NIST SP 800-171? In 2014, DOD adopted the overall National Institute of Standards and Technology (NIST )Risk Management...
The 6-Step Incident Response Plan(IRP) Roadmap
A Quick-Start Guide Use the Cyber Incident Life Cycle to guide the company’s operational incident-handling artifact/procedure. This should be an...
SPOT: Will Lockheed run the clock out on F-35’s ALIS subsystem ATO?
2 WEEKS LEFT The F-35 joint program office issued a one-year Authority to Operate (ATO) in March 5, 2018 for...
Why System Development continues to be a challenge?
The PPT "Triangle" is at the root of this issue Origins The People-Process-Technology (PPT) Triangle has a less than defined...
Mortgage Mayhem
Lessons Learned about ongoing hacking challenges in the real estate market I recently moved across the country. Being a good...
Why I hate contract-to-hire?
...and 6 months (or less) contracts to boot Is anyone else tired of getting these positions? I keep getting them,...
COMMENTARY: The IC’s Cyber Threat Framework
Was it really worth it? The Intelligence Community (IC) recently released its Cyber Threat Framework (CTF). They have been working...
FEB 2019 POLL: Who is the greatest nation-state threat in cyberspace for 2019?
With all the new network breaches to both the public and private sector, who is the NUMBER 1 culprit? For...
We play chess, they play WEI-QI
How the Chinese are beating us in the long game The games we play as children tell us many things....
Why is Secure System Development So Hard?
Because we are not really trying So why is secure system development so hard? Too many of the major defense...
