Trusted Internet Blog

Thoughts, Guidance, Musings

How to Create a System Security Plan

You know what CUI is, and the hard requirement to figure out how to protect it. What's next? Simple, make a system security plan.  There are several options to choose from, but I'd recommend you start with the basics
Read More

What Every Government Contractor Needs to Know Now (from the Lawyers perspective)

I authored this first blog about a week ago, but at the time, had a deck given at the National Defense Transportation Association Fall Conference. This deck was given by Attorney Mary Beth Bosco, a partner with Holland & Knight LLP -a Washington DC law firm specializing in these kinds of matters. It is chock full of good information regarding CUI, CMMC, and NIST 800-171. This is a killer deck with a ton of legal detail.  I am posting with her permission. Enjoy. Need more information?
Read More

Are we at war?

Tuesday I sat with a couple of dozen really smart folks. One, a retired Major General declared "We're at war!" (meaning, Information War). 
Read More

What is Controlled Unclassified Information?

Controlled Unclassified Information (CUI) is a category of unclassified categories issued in a directive on May 9, 2008, by President George W. Bush. CUI replaces categories such as For Official Use Only, Sensitive But Unclassified and Law Enforcement Sensitive categories. The CUI Program was originally developed for all Executive Branch Agencies but there are dozens (hundreds?) of older markings used to identify what’s now considered CIU, and the category of information is (intentionally?) defined in VERY broad terms.
Read More

What Every Government Contractor Needs to Know Now

If you don't have cybersecurity, beginning in 2020, you may not be able to bid on new government contracts.
Read More

IBM Study Shows Data Breach Costs on the Rise; Financial Impact Felt for Years

on Jul 23, 2019, 1:47:19 PM By | Jeff Stutzman, Founder | 0 Comments | data breach equifax identity theft ibm
What does a Data Breach cost?
Read More

Equifax - The Cost of a Data Breach

on Jul 22, 2019, 7:50:23 AM By | Jeff Stutzman, Founder | 0 Comments | data breach equifax Federal Trade Commission
(Federal Trade Commission) In September of 2017, Equifax announced a data breach that exposed the personal information of 147 million people. Under a settlement filed today, Equifax agreed to spend up to $425 million to help people affected by the data breach. If you were affected by the Equifax breach, you can't file a claim just yet. That's coming. But you can sign up for FTC email alerts about the settlement at ftc.gov/Equifax .
Read More

What is a Data Breach?

What is a data breach? According to CBR online, 4.5 billion records were compromised in data breaches within the first 6 months of 2018. In comparison, there are merely about 7.5 billion people living on the planet. What is a data breach and why should you care about it? A data breach refers to the act of obtaining someone’s sensitive information from the internet. This information could be your passwords, sensitive media, PIN, credit card numbers, license numbers, software access to your company; virtually any piece of information that you’ve stored on the internet. This information is then used for blackmailing purposes or sold on the dark web. Data breaches occur on almost a daily basis. Last year hackmegeddon (one of my favorite stats sites) reported 1337 compromises.  This represents a very small number compared to the global dataset, but represents a strong enough sample for discussion purposes. 
Read More

Ransomware - Your defining moment? or your Oh 💩 moment?

Not a day goes by without another major news story (although, are they really major stories anymore?). However, the Norsk Hydro Ransomware event will definitely get its few minutes of journalistic play. 
Read More

ASUS Computers with Factory Installed Backdoors? No way!

on Mar 26, 2019, 3:45:03 PM By | Jeff Stutzman, Founder | 0 Comments | Insider Network Security Information Security botnet ceo trojan
Kaspersky reported today that ASUS computers were pushed out of the factory with malware (a backdoor) installed. Should you care? Maybe. 
Read More