Apple’s Newest IOS Update Seeks to Protect Users from Security Flaw
As part of this month’s security updates, we wanted to bring to your attention a number of critical Apple vulnerabilities impacting smartphone, iPad, Apple Watch and MacBook iOS to your attention: iOS 14.8 iPadOS 14.8 MacOS Bug Sur 11.6 WatchOS 7.6.2 If you or your team use these devices, we highly recommend that you routinely encourage them to regularly check for and apply the most recent updates for their Apple…
Continued
How to Find Your NIST 800-171 & CMMC Requirements: A Comprehensive Guide to Determine Your Compliance Requirements from Your Primes and Clients.
One of the most frequently asked questions I receive is: “How do I know if I need to be compliant with either the NIST 800-171 or CMMC frameworks?” The bottom line is that if you possess controlled unclassified information (CUI) then your organization – with the exception of commercial off the shelf (COTS) companies – will likely have to fulfill these compliance requirements. Unfortunately, it’s not always clear to many…
Continued
Microsoft’s PrintNightmare Local Vulnerability Remains Unpatched
As many of you may have heard, Despite Microsoft’s assertion that their latest update fixed last month’s PrintNightmare vulnerabilities, we’ve been informed that additional critical security issues remain that we wanted to bring to your attention. To learn more about how to safeguard your organization from the developing issue, please click here for the notification we sent to our clients detailing how to address it.
Continued
What You’re Likely Missing about CMMC Compliance: Lessons from an MSP’s CMMC Readiness Review Assessment
We had a great webinar with our partners at NQA pertaining to our experience undergoing a CMMC 3 Readiness Review Assessment. We’ve conveniently recorded it HERE in case you missed it, so you can learn about some of the most overlooked aspects of a CMMC implementation including an overview of what it takes to become certification-ready. We hope our webinar helped address some of our audiences’ lingering questions about the assessment process…
Continued
Everything You Need to Know about Google & Microsoft’s Recent Vulnerabilities
There are two new and one existing critical vulnerabilities that we wanted to bring to your attention that will require your approval or your users’ immediate action to remediate: Google Chrome Zero-Day Vulnerability. New 3rd and Continuing Microsoft Printer Vulnerabilities. The Google Chrome zero-day vulnerability presents an immediate threat to Google Chrome users that should be addressed immediately using the instructions below: On your computer, open Chrome (if it has…
Continued
We Don’t Learn From Our Mistakes: 2020’s Most Popular Passwords
After a series of high-profile breaches, we wanted to update an article we developed a few years ago about some of the disturbing trends we continue to see with end user password behaviors. It’s fair to assume that a strong password is one of the most important security tools that any user can employ to minimize the chances of a breach, but we unfortunately see that users oftentimes continue to…
Continued
The State of Engineering Companies in 2021: The Story So Far and Where It’s All Headed
As someone who spends a lot of time working with technology leaders in the engineering industry, I’ve seen the state of IT in this field up close and personal. I’ve witnessed the types of issues that people are facing on a regular basis, and how catastrophic they can become if left unchecked. But I’ve also seen an incredible amount of potential as innovative and disruptive new technologies emerge on a…
Continued
Recent Data Breach: Historic Credentials Leak
More often than ever, we are hearing about large-scale ransomware attacks with devastating effects. Today, we wanted to bring to your attention a recent password and credentials leak which is being described as the largest breach in history. This breach has leaked over 3.2 billion passwords and includes 26 million compromised account log-in credentials for a number of popular sites including Apple, Amazon, Facebook and Netflix. Learn more about the…
Continued
CMMC Success Begins with IT Leadership
There’s little doubt that thanks to the influx of new government regulations around privacy and data security, requirements have become the primary area of focus for many defense industrial base and General Services Administration contractors.
Continued
TSI Employee Spotlight: Jonall Cobble
We’re thrilled to spotlight Jo Cobble, our most recent addition to TSI’s security and compliance team! Jo started her cybersecurity career while serving in the Navy and over the years has earned a Masters of Science in Cybersecurity and Information Management in addition to attaining an impressive set of certifications that include but are certainly not limited to CISSP, SSCP, and CEH. We’re excited to welcome Jo to our team…
Continued
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place
