Don’t Negotiate with (Cyber)Terrorists: OFAC Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments
It’s of the utmost importance to understand that paying off ransomware attacks doesn’t just present a considerate risk to your business, but to the country as well. On October 1, 2020, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory detailing these risks due to a steep increase in demand for ransomware payments that have skyrocketed during the COVID-19 pandemic. Their warning was very clear: “Facilitating…
Continued
Critical Updates Regarding CMMC GCC & GCC High Licensing: How These Changes Will Impact your Organization’s CMMC Strategy
With enforcement set to begin for the CMMC, we’ve received a lot of questions from clients about the role that government licensing (GCC & GCC High) for CSPs (Office 365 Commercial, Azure, AWS etc.) will have in relation to addressing their respective CMMC 3-5 requirements. It’s long been known that this type of government licensing is extremely costly from both a price and implementation standpoint, and as a result, is…
Continued
The CMMC Hammer Has Dropped for GSA Stars III Contractors
Critical Update for GSA Stars III Contractors; New IT Compliance Requirement Mandates Organizations that are listed under the GSA are companies that work with the government, outside of the DoD. It was recently announced (GSA STARS III CMMC Release) that- effectively immediately- GSA companies may have to begin adhering to the CMMC if required within their contracts. Although the majority of them falling under the CMMC 1 requirements, the CMMC…
Continued
TSI Security and Compliance Notification
As today’s cybersecurity threats increase in frequency, complexity, and impact, we’ve had to adapt our IT services model to address these very areas of focus. Over the last few years, this evolution has led TSI toward becoming a full-fledged Managed Security Services Provider (MSSP) that can not only help address your cybersecurity gaps but also help achieve our clients’ compliance requirements. As your trusted IT partner, it’s of the utmost…
Continued
TSI Employee Spotlight: John Bermingham
John Bermingham joined the team in 2020 as TSI’s resident cybersecurity and compliance expert. Throughout his twenty-five years in the IT and cybersecurity industry as a US Airman and later on as a contractor, John has worked with a wide variety of government agencies and companies to include ACS Defense Inc., Lockheed Martin Corp., Northrop Grumman Corp., and several Federally Funded Research and Development Centers (FFRDCs). We connected with John…
Continued
A 17-Year-Old Vulnerability Was Just Discovered in Windows Server. Here’s What You Need to Know Next
Meet SIGRed First “discovered” in July of 2020, SIGRed is a very particular type of vulnerability in the Windows DNS Server environment called an RCE, or remote code execution. This means that it can be triggered by an attacker with little more than a malicious DNS response. Believe it or not, it’s actually been around for 17 years and impacts all Microsoft O/S from Server 2003 all the way up…
Continued
The Most Important Questions Your MSP/MSSP Should Know about the CMMC
1. Do they ‘practice what they preach’- Does your MSP/MSSP at least meet or exceed the same CMMC requirements that you need to follow? A: You’re only as strong as your weakest link…..It’s of the utmost importance that your MSP not only understand the complete set of CMMC requirements but that they’ve implemented at the very minimum, the comparable security controls that are being asked of you. Not only does…
Continued
Budget Freezes, Covid-19, UFO Sightings & Killer Bees: Why There’s No Time Like the Present to Review Your IT Strategy
By now, there are probably very few out there who haven’t felt the negative impact of the Coronavirus pandemic – something that is still keeping roughly a third of the world’s population on mandatory lockdown with no end in sight. In addition to dealing with a workforce that is suddenly remote, you’re also likely coming up against a variety of budgetary freezes that seem like they couldn’t have come along at a…
Continued
Building Upon Company Culture Remotely
Everyone knew that working remotely was the way of the future… it’s just that most people probably didn’t realize “the future” would arrive quite as quickly as it did. According to one recent study, about 4.3 million people in the United States were already working from home at least half the time, a number that increased by an enormous 140% since 2005. But with the ongoing Coronavirus pandemic putting nearly three billion…
Continued
Video and Web Conferencing Solutions Require Heightened Security Awareness
Over the last few weeks, more and more of our clients at TSI have quickly become comfortable with video and web conferencing solutions like Zoom – which is terrific. Still, we wanted to take this opportunity to remind you to stay up-to-date on all of the scams and vulnerabilities that are associated with these platforms, many of which are growing more common by the day. So many of these communications…
Continued
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place
