How to Build Secure IT Infrastructure for Your Business

by Hannah Grace Holladay / June 14, 2023

The global information technology industry is worth around $5 trillion. To put that in perspective, the global oil and gas market is worth $5.8 trillion. IT is an enormous industry because every business depends on IT infrastructure. That makes infrastructure security a priority for organizations, from sole proprietorships to multinational corporations and governments. As a business owner or executive, you are responsible for creating and managing a secure infrastructure platform.…

Cybersecurity at Work: Audits That Require Security Awareness Training

by Amelia Lewis / June 15, 2023

It is Cybersecurity Awareness Month! Every October we are reminded of the potential threats that are up against our cybersecurity. It is no surprise that employees make their way to the top of the vulnerability lists each year. It is time we created a culture of cybersecurity in the workplace. Employees are often an organization’s weakest link. Whether it be the lack of funding or misunderstanding of cybersecurity best practices,…

Protecting MSPs from Million Dollar Ransomware Attacks

by Amelia Lewis / June 14, 2023

The DarkSide Ransomware Attack on CompuCom. On March 3, the IT managed service provider (MSP) announced they had fallen victim to a DarkSide ransomware attack. The cybercrime group installed Cobalt Strike beacons on several systems throughout the MSP’s environment. These beacons helped the threat actor steal data, spread the virus, and deploy ransomware payloads. The MSP expects the incident to result in losses of $20 million and counting due to the…

Using NIST 800-53 vs. NIST 800-171 in a FISMA Audit

by Sarah Harvey / June 13, 2023

When any organization engages in a FISMA audit, their information systems are organized according to FIPS 199 and FIPS 200 to determine security categories and impact levels. Then, those systems are tested against a tailored set of baseline security controls. Depending on whether an organization is a federal agency or a private sector entity, different NIST publications of security controls may apply to the FISMA audit. How can you determine…

FISMA vs. FedRAMP

by Sarah Harvey / June 13, 2023

FISMA and FedRAMP audits are often confused because both involve compliance around government data. But, when you dive into the details of each audit, you’ll recognize the differences are stark. Let’s talk through each of these compliance audits and how you can tell them apart from one another. What is FISMA? The Federal Information Security Modernization Act, or FISMA, is U.S. legislation that requires government agencies to meet a standard…