TSI's Information Technology Blog
Leonardo DRS Sets CMMC Deadline! Is Your Organization Ready?
Christopher Souza | CEO The Cybersecurity Maturity Model Certification (CMMC) continues to gain momentum across the Defense Industrial Base (DIB). Leonardo DRS has formally notified suppliers that organizations supporting applicable Department of Defense programs will be expected to meet CMMC requirements by November 10, 2026, when the next phase of the Department of Defense’s (DoD’s) CMMC rollout begins. At that point, many contractors handling Controlled Unclassified Information (CUI) will need…
Continued about Leonardo DRS Sets CMMC Deadline! Is Your Organization Ready?FortiBleed Exposes 73,000+ Fortinet Devices: What Businesses Need to Know
Christopher Souza | CEO It has been an unfortunate month for Fortinet customers. Not even a month after concerns emerged around attacks targeting Fortinet Endpoint Management Server (EMS), security researchers now uncovered another major security issue involving Fortinet infrastructure. This latest incident, known as FortiBleed, involves the exposure of VPN credentials, firewall configuration data, and other sensitive information associated with Fortinet devices. While Fortinet has stated that the exposed information…
Continued about FortiBleed Exposes 73,000+ Fortinet Devices: What Businesses Need to KnowFortinet EMS Under Attack: What Businesses Need to Know
Christopher Souza | CEO Cybersecurity researchers have identified active exploitation of a critical vulnerability affecting Fortinet FortiClient Endpoint Management Server (EMS). The vulnerability, tracked as CVE-2026-35616, is being leveraged by threat actors to gain unauthorized administrative access to FortiClient EMS environments and distribute credential-stealing malware to managed endpoints. Our partners at Arctic Wolf recently reported attacks where threat actors abused trusted endpoint management infrastructure to deploy a newly identified malware…
Continued about Fortinet EMS Under Attack: What Businesses Need to KnowStill on Windows 10? Why Not Upgrading is a Serious Security Risk for Businesses
Christopher Souza | CEO As of October 2025, Microsoft stopped supporting Windows 10, ending any new security updates, patches, or protection against newly discovered vulnerabilities. Despite this, millions of systems are still running on outdated software, presenting a considerable direct and indirect risk to organizations like yours. With extended support available ending on October 13, 2026, now is the time to take action to update these imminently vulnerable systems. Why…
Continued about Still on Windows 10? Why Not Upgrading is a Serious Security Risk for BusinessesImpacted by NeoSystem’s Dissolution? We’re Here to Help!
Christopher Souza | CEO The reported dissolution of NeoSystems has sent shockwaves across the Defense Industrial Base (DIB) and the broader CMMC ecosystem. Public reporting has alleged that NeoSystems terminated staff and ceased operations on May 1, 2026 without advance notice to clients leaving many organizations uncertain about access, documentation, data, and a clear path toward CMMC. For organizations working toward CMMC, this is more than a vendor disruption. It…
Continued about Impacted by NeoSystem’s Dissolution? We’re Here to Help!TSI Employee Spotlight: Joseph Gutto
Joe Gutto is TSI’s Network and Cloud Services Manager/Azure Architect and is our newest addition to the team! With over 26 years of experience in the IT sector and a career of system administration to leading quality assurance and cloud infrastructure projects, Joe is already making waves through the cybersecurity field, and we’re thrilled to feature him in this month’s employee spotlight. 1. Tell us what inspired you to get…
Continued about TSI Employee Spotlight: Joseph GuttoL3 Harris Is Requiring CMMC Proof from Suppliers: A Sign of What’s Coming
Christopher Souza | CEO Across the defense industrial base (DIB), prime contractors are now issuing direct supplier requirements tied to CMMC, complete with firm deadlines and documentation requests. Recently, L3Harris notified suppliers that organizations handling Controlled Unclassified Information (CUI) must provide a CMMC Level 2 assessment report from a C3PAO along with proof of certification by July 30 to avoid potential disruption to operations. This is not a warning, but…
Continued about L3 Harris Is Requiring CMMC Proof from Suppliers: A Sign of What’s ComingCMMC’s 2026 “Deadline” Explained: Why It’s Not a True Deadline and What Actually Drives Compliance
Christopher Souza | CEO There is a growing misconception across the Defense Industrial Base (DIB) that November 2026 is a universal deadline for CMMC certification. It is not. CMMC does not operate on a single, universal compliance deadline. Instead, requirements are introduced through contract awards as the program rolls out in phases. For most organizations, the real timeline is not driven by a date on the calendar, but by when…
Continued about CMMC’s 2026 “Deadline” Explained: Why It’s Not a True Deadline and What Actually Drives ComplianceCMMC Mock Assessments vs. NIST SP 800-171 Self-Assessments
Christopher Souza | CEO For many defense contractors, one of the biggest CMMC mistakes is assuming that an internal NIST SP 800-171 self-assessment is enough to prove readiness for a C3PAO certification audit. It is not. A self-assessment is an important internal management exercise, but it is not the same as demonstrating readiness under the pressure and scrutiny of an independent third-party review. That distinction matters even more in 2026,…
Continued about CMMC Mock Assessments vs. NIST SP 800-171 Self-AssessmentsElevated Cybersecurity Risk Amid U.S. and Iran Conflict
Christopher Souza | CEO A cyber advisory issued by our partners at Sophos highlights an increased global cyber risk environment due to escalating geopolitical tensions involving the United States, Israel, and Iran. Sophos assesses the current threat level as elevated, with the greatest risk occurring in the immediate to short term, ranging from days to several weeks. During periods of geopolitical instability, cyber threat activity commonly increases as nation state…
Continued about Elevated Cybersecurity Risk Amid U.S. and Iran ConflictCategories
- Backup & Disaster Recovery
- Business Operations
- Case Studies
- Cloud Services
- Cyber Security
- Employee Spotlight
- Finance & Budgeting
- Glossary Term
- Governance & IT Compliance
- Managed Services
- Mobile Device Management
- Network Infrastructure
- NIST 800-171 & CMMC 2.0
- PCI
- Podcast
- Project Management
- TSI
- Uncategorized
- vCIO
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place