National Security Memorandum & DHS Pathfinder Assessment

Happy Monday, and thanks for tuning in to this week’s segment of Mondays with Miranda! This past month, President Biden issued a national security memorandum, instructing the Department of Homeland Security’s cyber team and NIST to work together with federal agencies to develop cybersecurity performance goals for critical infrastructure operators and owners. The memorandum also […]
Recent Ransomware Attack & New CMMC Member

Happy Tuesday, and thanks for tuning in to this week’s segment of Mondays with Miranda. I hope everyone had an awesome Independence Day weekend! Last week, about 1500 businesses were affected by the Kaseya ransomware attack. Although it has been said that only a small number of Kaseya’s direct customers were affected, many of those […]
CMMC AB Authorizes First Certified Third-Party Assessment Organization

Happy Monday, and thanks for tuning in to this week’s segment of Mondays with Miranda! First things first, don’t forget to register for our webinar this week! On Wed, Jun 16th from 6:30 PM to 8:00 PM EDT, we will be discussing an effective way to “Bulletproof” your network and your reputation. All your questions on […]
President Releases Executive Order on Cybersecurity; CMMC-AB On Path to Approve First Assessor

Happy Monday, and thanks for tuning in to this week’s segment of Mondays with Miranda! Last week, President Biden released an executive order which focuses primarily on improving cybersecurity within the federal government. Essentially, the executive order states that software sold to the federal government will need to comply with strict standards within six months. […]
CMMC AB Appoints First CEO & Launches Industry Advisory Council

Happy Monday, and thanks for tuning in to this week’s segment of Mondays with Miranda! In recent cybersecurity news, there have been reports of personal data being scraped from more than 500 million LinkedIn users and posted for sale online. This comes not too long after Facebook’s similar incident of personal data being leaked from more […]
CMMC Spreading Throughout Federal Agencies

Happy Monday, and thanks for tuning in to this week’s segment of Mondays with Miranda! SolarWinds has become the talk of the (cyber) town, as news has just been released stating that NASA and the FAA are also victims of the recent cyber attack. The attack hit nine U.S. government agencies and about 100 private companies, […]
Statement from NeQter Labs Regarding SolarWinds Hack

Happy Monday, and welcome back to Mondays with Miranda! I’m sure we’ve all heard about the recent SolarWinds hack by now, but if you haven’t, stay tuned. What do we know so far? The breach began back in March 2020, when an email system used by the Treasury Department and other federal agencies was compromised. […]
Updated 8(a) STARS III RFP to Include CMMC

Happy Monday! In today’s exciting news, the GSA recently released the updated 8(a) STARS III RFP, which includes CMMC. According to JD Supra, “as part of each offeror’s Supply Chain Risk Management Plan, the 8(a) STARS III RFP requires the offeror to address 1) their intent to obtain CMMC, 2) their target certification level, and […]
U.S. Taking Steps to Prevent Cyber Attacks at a State Level

Happy Monday! Last week, a Texas School District lost $2.3 million to a phishing attack. The incident involved three transactions sent over the course of one month. The school district did not realize until after the third transaction that the bank account information had been tampered with, and the account on the receiving end was […]
DoD Names Chair for CMMC Program

Happy Monday! Last week, the Consumer Electronics Show (CES) began during a cyber attack that hit Las Vegas. City officials have been actively working to determine where the attack began. As of now, officials are saying that the attack began with a malicious link in a city employee’s email. This breach comes during the issues […]
Ryuk Ransomware and FDPL Website Hack

Happy Monday! Last week, a Ryuk ransomware attack took down the entire IT network of a Maritime Transportation Security Act (MTSA) regulated facility. The United States Coast Guard stated that the cause of the attack most likely began with a phishing email. Operations at the facility were reportedly shut down for over 30 hours and […]
New Cybersecurity Laws & Smartphone Location Data

Happy Monday, and happy (almost) New Year! In today’s news, new cybersecurity laws, called “Insurance Data Security Laws,” were just passed about a week ago, and will take effect in CT on October 1, 2020, and in NH on January 1, 2021. The laws will “affect insurance carriers, producers, and other businesses licensed by the […]
Microsoft Windows 7 and Windows Server 2008 End-Of-Life

Happy Monday and happy holidays! I’ve got some interesting news to start off this holiday week. First, Microsoft will no longer support Windows 7, Windows Server 2008, and Windows Server 2008 R2 after January 14th, 2020. These systems have reached their end-of-life mark and this means that Microsoft will no longer provide security updates or […]
CMMC Draft Version 0.7

Happy Monday! CMMC, or the Cybersecurity Maturity Model Certification, released draft version 0.7 last week. You can view the document here. The new draft includes levels 4 & 5 of the CMMC, which the previous draft versions did not. Last week, the city of Pensacola, FL was hit by a cyber attack just days after […]
New CMMC Draft & Facebook Privacy Issues

Happy Monday! If you haven’t seen it yet, be sure to take a look at the CMMC (Cybersecurity Maturity Model Certification) draft version 0.6 that was released last week. We’re getting closer to 2020, which is when the final version is set to release, and audits are going to begin for all companies holding government contracts. […]
Cybersecurity Awareness Month: Two-Factor Authentication

Happy TUESDAY! I hope everyone enjoyed the holiday yesterday. Last week, the NeQter Labs team attended two events: the NDIA New England 4th Annual Cyber Event and the SENEDIA Tech Talk: Cybersecurity Maturity Model Process. Thanks to everyone who came out and spoke with us! In light of Cybersecurity Awareness Month, the FBI recently warned […]
U.S. Electrical Grid More Vulnerable Than Ever

Hey guys, it’s Monday again! Just a quick reminder, our CEO, Richard Astle, is a finalist in the Cox Business News 2019 Get Started Rhode Island event on October 2nd, 2019. This event is a “shark tank” type of competition between startup business leaders to pitch their ideas in front of an audience and a […]
Insider Threat & Password Vulnerability

Happy Monday! Just a reminder, our CEO, Richard Astle, is a finalist in the Cox Business News 2019 Get Started Rhode Island event on October 2nd, 2019. This event is a “shark tank” type of competition between startup business leaders to pitch their ideas in front of an audience and a panel of judges. NeQter […]
Navy Cracking Down on NIST SP 800-171 Compliance

Happy Monday! The Navy is cracking down on NIST SP 800-171 compliance, and contractors who are not compliant need to begin as soon as possible. On September 6th, 2019, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated, and within it is a list of requirements that contractors are required to meet immediately. These […]
Cyber Attacks Targeting Cities

Happy Monday! As a reminder, NeQter Labs’ CEO will be sitting on the panel at the North Kingstown Chamber of Commerce Cybersecurity event on September 12th, 2019 at 4:00 P.M. Register online here ASAP if you want to attend! We can’t wait to see you! In a world filled with technology, cyber attacks are really […]
The Flaw that Affects Us All

Happy Monday! Early next month our CEO, Richard Astle, is going to be a panelist at the North Kingstown Chamber of Commerce Cybersecurity event. The event will take place on September 12th at 4:00 P.M., at the Quonset O Club in North Kingstown, RI. If you’d like to attend, register online here. In other news, […]
DoD Announces New CMMC Program—and It’s Great News for Small Contractors

We’ve expected for some time that the Department of Defense was going to step up its efforts to move away from self-attestation and start enforcing cybersecurity compliance among defense contractors. Now—just like that—it’s a reality.
DFARS Cybersecurity Audits: What to Expect

As cybersecurity compliance becomes more top-of-mind and breaches become a common pit-in-the-stomach reality, the industry is learning an important lesson: An audit is not just a vague and unlikely possibility. It is happening to companies at almost every tier in the defense supply chain.
Supply Chain Cybersecurity Audits Are Coming…

Happy Monday! Last week we saw very interesting signals coming out of the Department of Defense, and the actions it’s exploring to instill accountability measures for DFARS cybersecurity requirements. In case you missed it, here are the highlights.
New DoD Guidance for Evaluating NIST SP 800-171 Compliance

Happy Monday, Cyber World! The Department of Defense has just made public their final two guidance documents on assessing compliance with NIST SP 800-171. I’m going to put the highlights into plain English here.
The Significant Threat of USB Devices

Happy Monday to all of you readers! I have two interesting pieces of cyber news to share today:
USB Devices… Are They Safe?
A research study done by Honeywell was just released on Friday, and it shows that removable USB devices (flash drives) are a significant threat to industrial facilities.
What Should NIST Compliance Actually Cost?

Cyber compliance is now, quite simply, a cost of doing business in the defense sector. And it’s the thousands of small businesses working on specialized solutions that the government worries about most. But in creating our solution, we asked ourselves the hard question: “How is a small business ever going to be able to afford what’s required for compliance?”
Safeguarding the Nation’s Critical Infrastructure

Happy Monday, Cyber-World! As most of you may know, it’s National Cyber Security Awareness Month (NCSAM), and this week’s topic is “Safeguarding the Nation’s Critical Infrastructure.” Although they are all important, this is one of the more important topics being featured in NCSAM. The critical infrastructure of our nation is what our daily lives rely on. This includes food and water supply, power, public health, financial services, networks, etc. All industries must have cybersecurity plans in place to ensure the critical systems, which are extremely important to us, remain safe.
What We Learned: Our Compliance Story

As the CEO of Scientific Solutions, Inc. (SSI), a small, highly specialized engineering firm in the defense ecosystem, I work with a team of eight of the best and the brightest engineers. We develop sophisticated SONAR solutions that protect critical assets.
IoT Law & Cybersecurity Awareness Month

Happy Monday, Everyone! Some cybersecurity news is coming out of California this week…
First IoT Cybersecurity Law Passed
California has just become the first state to pass a cybersecurity law that covers smart devices. Beginning on January 1st, 2020, all devices manufactured in California that connect to the internet must be equipped with reasonable security features that will “prevent the unlawful access, alteration, or information disclosure.”
GDPR and NIST Cybersecurity Compliance

By now, most companies know about GDPR and its directives on handling personal data — from email addresses to personnel data. But the connection between NIST cyber security compliance and GDPR compliance is far less obvious.
Identifying and Safeguarding CUI

If you’ve heard of NIST SP 800-171, or operate within the Department of Defense ecosystem, you’re probably familiar with the term CUI, or Controlled Unclassified Information. Often used interchangeably with Covered Defense Information (CDI), CUI is, technically, “information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified.”
New National & DoD Cyber Strategies

On Friday, September 21st, the Trump Administration released a new cyber security strategy. According to Cyber Defense Magazine, it is the “first fully articulated National Cyber Strategy released in 15 years.” The President’s National Cyber Strategy is said to protect our networks by “securing Federal networks and information about our Nation’s critical infrastructure, as well as combating cybercrime and improving incident reporting.” As President Trump said, “We must protect the American people, the homeland, and our great American way of life.” It is great to know that we are taking a step forward in protecting our fast-growing cyber world.
NIST 800-171 Risk Assessments: Straight Talk

What is a risk assessment, in the context of NIST cybersecurity compliance? What does it entail? When should we conduct the risk assessment? Who can do it for us, or can we do it ourselves?
Cybersecurity Events for Small Businesses

Good morning and happy Monday! There is some interesting cyber news that I want to share with you today, but first, let’s discuss upcoming events. This Thursday, September 13th.
Five NIST & DFARS Questions With Christopher Michaud

PBN: What are some of the specialized DoD subcontractors that can benefit from the NeQter Labs Compliance Engine?
CUI Workshop & DoD Security Concerns

Good morning and happy Monday, everyone! I have lots of great news this week, but first, I want to talk about a few events that will be happening soon.
Mondays With Miranda: August 20, 2018

Happy Monday, Everyone! I’ve got lots of interesting news today regarding the DoD, but first, I want to talk about a few upcoming events.
Mondays With Miranda: August 13, 2018

The world’s largest chip manufacturer, the Taiwan Semiconductor Manufacturing Company (TSMC), was hacked just about a week ago.
Demand Grows for NIST Compliance Tools

Small Businesses Seek NIST Compliance to Protect Sensitive Information and Retain & Grow Their Defense Work
MIDDLETOWN, RI – AUGUST 9, 2018 – In under a year, NeQter Labs has worked with hundreds of companies across the Department of Defense (DoD) supply chain, fulfilling the companies’ NIST SP 800-171 compliance requirements and ensuring protection of […]
NIST Compliance: Not Just for Primes

On June 21, 2018, The Department of Defense delivered joint testimony on “Military Technology Transfer: Threats, Impacts, and Solutions for the Department of Defense” before the House of Armed Services.
NIST Security Requirements: Cybersecurity Training

Training Topics
There are a few areas that must be covered during adequate cybersecurity training.
Repercussions of Not Becoming NIST Compliant

On Friday, June 8, 2018, it was announced that Chinese government hackers compromised a Navy contractor’s internal network.
NIST Security Requirements: Physical Security

Physical security today is much different than it was years ago due to the fact that technological devices…
Five Considerations for NIST Compliance

By now you should be aware of the DoD’s December deadline for government contractors to meet new cybersecurity standards.