On Tuesday, December 26, 2023, the Department of Defense published the proposed rules for the Cybersecurity Maturity Model Certification (CMMC) program, which is now open for a 60-day comment period, ending February 26, 2024.
In a recent presentation to business leaders, Kent Goodrow, a Systems Engineering client Account Manager, spoke about the evolution of identity and access management (IAM). He noted the increasing business exposure to modern threats due to work-from-anywhere, cloud-first environments. Kent detailed how IAM has evolved over the last few years and how it now works to protect access to corporate resources. Below is an outline of his presentation on implementing IAM as your organization's first line of defense.
Have you ever questioned how you can measure the quality of a managed service provider (MSP), and their stance on IT security? Do they put security first within their own organization? The good news is a reputable MSP can answer this question by producing an impartial 3rd party SOC 2 Report. This audit is a voluntary annual review, and how the results can be an invaluable piece of information for leveling up trust within an MSP.
In 2018, there was 49.8 million tons of e-waste generated worldwide. The US contributed a staggering 10 million tons of this waste, and our share is growing. As environmental and health concerns arise over the ever-increasing e-waste, it is the responsibility of everyone to ensure its proper disposal.
Many organizations include the review of Service Organization Controls (SOC) examination reports in their annual vendor due diligence activities; however, most are unsure of what they should be looking for in the report. Determining what is relevant and knowing how to read a SOC examination report can help to ensure that organizations get the most value and assurance out of their review.
The role of the Information Security Officer (ISO) varies based on the size and complexity of an organization. It may be a full or part-time position held by an employee having only ISO responsibilities or by an employee having other roles within the organization. A primary role of the ISO is to work with management to strengthen its information security program and to protect the organization’s information assets.
Systems Engineering’s (SE) Lunch & Learn "Information Security Evolution and the Modern Network" was recently held in Bangor and Portland, ME and Nashua, NH. This event covered cybersecurity, its current state, how threat intelligence has grown, and an overview of the evolving layers of security.