The Holidays Are Here – Let’s Stay Safe All Season Long, Together
The holiday season is upon us yet again, which can only mean one thing – cyber attacks are going through the roof across the country. Unfortunately, this happens to be a time of year when people are even more susceptible to cyber attacks and theft than usual. As people get into the holiday spirit, they tend to let their guard down. They’re doing more online shopping than ever, which increases…
Continued
The Reasons You Need a vCISO for CMMC Success
Today’s Business Need for a vCISO There’s little doubt that the influx of new government regulations around privacy and data security requirements have become the primary area of focus for many DIB (Defense Industrial Base) and GSA contractors. These companies are now required to become compliant with a relatively new DoD mandate known as the Cybersecurity Maturity Model Certification (CMMC) which requires these contractors meet and sustain an on-going cybersecurity…
Continued
2020 TSI Annual Shopping Outreach
The winter holidays are just around the corner, and although things are a bit different this year, we’re all thinking about our friends and family. Near or far, we’re hoping to find gifts that convey just how much we love and care for each other. Sadly, the holidays are more stressful for some families than others. Even in our own community, there are local families struggling to make this holiday…
Continued
Do I Need an MSSP If I Have an MSP?
Businesses across the globe are partnering with managed services providers (MSPs) to maximize business efficiency, embrace new technologies, and increase their IT ROI. However, with the growing cases of cybercrime and data breaches, implementing a comprehensive cybersecurity strategy has also become a core area of focus for today’s businesses. Considering that cybercrime damages are anticipated to climb to a massive $6 trillion as soon as the end of 2021 according to Cybercrime Magazine, partnering with a…
Continued
Don’t Negotiate with (Cyber)Terrorists: OFAC Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments
It’s of the utmost importance to understand that paying off ransomware attacks doesn’t just present a considerate risk to your business, but to the country as well. On October 1, 2020, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory detailing these risks due to a steep increase in demand for ransomware payments that have skyrocketed during the COVID-19 pandemic. Their warning was very clear: “Facilitating…
Continued
Critical Updates Regarding CMMC GCC & GCC High Licensing: How These Changes Will Impact your Organization’s CMMC Strategy
With enforcement set to begin for the CMMC, we’ve received a lot of questions from clients about the role that government licensing (GCC & GCC High) for CSPs (Office 365 Commercial, Azure, AWS etc.) will have in relation to addressing their respective CMMC 3-5 requirements. It’s long been known that this type of government licensing is extremely costly from both a price and implementation standpoint, and as a result, is…
Continued
The CMMC Hammer Has Dropped for GSA Stars III Contractors
Critical Update for GSA Stars III Contractors; New IT Compliance Requirement Mandates Organizations that are listed under the GSA are companies that work with the government, outside of the DoD. It was recently announced (GSA STARS III CMMC Release) that- effectively immediately- GSA companies may have to begin adhering to the CMMC if required within their contracts. Although the majority of them falling under the CMMC 1 requirements, the CMMC…
Continued
TSI Security and Compliance Notification
As today’s cybersecurity threats increase in frequency, complexity, and impact, we’ve had to adapt our IT services model to address these very areas of focus. Over the last few years, this evolution has led TSI toward becoming a full-fledged Managed Security Services Provider (MSSP) that can not only help address your cybersecurity gaps but also help achieve our clients’ compliance requirements. As your trusted IT partner, it’s of the utmost…
Continued
TSI Employee Spotlight: John Bermingham
John Bermingham joined the team in 2020 as TSI’s resident cybersecurity and compliance expert. Throughout his twenty-five years in the IT and cybersecurity industry as a US Airman and later on as a contractor, John has worked with a wide variety of government agencies and companies to include ACS Defense Inc., Lockheed Martin Corp., Northrop Grumman Corp., and several Federally Funded Research and Development Centers (FFRDCs). We connected with John…
Continued
A 17-Year-Old Vulnerability Was Just Discovered in Windows Server. Here’s What You Need to Know Next
Meet SIGRed First “discovered” in July of 2020, SIGRed is a very particular type of vulnerability in the Windows DNS Server environment called an RCE, or remote code execution. This means that it can be triggered by an attacker with little more than a malicious DNS response. Believe it or not, it’s actually been around for 17 years and impacts all Microsoft O/S from Server 2003 all the way up…
Continued
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place
