Trusted Internet Blog

Thoughts, Guidance, Musings

How to Create a System Security Plan

You know what CUI is, and the hard requirement to figure out how to protect it. What's next? Simple, make a system security plan.  There are several options to choose from, but I'd recommend you start with the basics
Read More

What Every Government Contractor Needs to Know Now (from the Lawyers perspective)

I authored this first blog about a week ago, but at the time, had a deck given at the National Defense Transportation Association Fall Conference. This deck was given by Attorney Mary Beth Bosco, a partner with Holland & Knight LLP -a Washington DC law firm specializing in these kinds of matters. It is chock full of good information regarding CUI, CMMC, and NIST 800-171. This is a killer deck with a ton of legal detail.  I am posting with her permission. Enjoy. Need more information?
Read More

What is Controlled Unclassified Information?

Controlled Unclassified Information (CUI) is a category of unclassified categories issued in a directive on May 9, 2008, by President George W. Bush. CUI replaces categories such as For Official Use Only, Sensitive But Unclassified and Law Enforcement Sensitive categories. The CUI Program was originally developed for all Executive Branch Agencies but there are dozens (hundreds?) of older markings used to identify what’s now considered CIU, and the category of information is (intentionally?) defined in VERY broad terms.
Read More

What is a Data Breach?

What is a data breach? According to CBR online, 4.5 billion records were compromised in data breaches within the first 6 months of 2018. In comparison, there are merely about 7.5 billion people living on the planet. What is a data breach and why should you care about it? A data breach refers to the act of obtaining someone’s sensitive information from the internet. This information could be your passwords, sensitive media, PIN, credit card numbers, license numbers, software access to your company; virtually any piece of information that you’ve stored on the internet. This information is then used for blackmailing purposes or sold on the dark web. Data breaches occur on almost a daily basis. Last year hackmegeddon (one of my favorite stats sites) reported 1337 compromises.  This represents a very small number compared to the global dataset, but represents a strong enough sample for discussion purposes. 
Read More

Ransomware - Your defining moment? or your Oh 💩 moment?

Not a day goes by without another major news story (although, are they really major stories anymore?). However, the Norsk Hydro Ransomware event will definitely get its few minutes of journalistic play. 
Read More

ASUS Computers with Factory Installed Backdoors? No way!

on Mar 26, 2019 3:45:03 PM By | Jeff Stutzman, Founder | 0 Comments | Insider Network Security Information Security botnet ceo trojan
Kaspersky reported today that ASUS computers were pushed out of the factory with malware (a backdoor) installed. Should you care? Maybe. 
Read More

A Ransomware Playbook. Ransomware can be prevented.

About a year ago, I helped pay out a ransomware case, which at that time was one of the largest of its kind  .. Why? Because the company HAD to.  They were completely unable to conduct any business unless they did.  How were they completely locked down? Thats a different conversation, but the lessons learned might help you today. Over the weekend, the Ryuk ransomware strain was reported by ZDNet as the suspect malware in a cyber attack that caused printing and delivery disruptions for several major US newspapers over the weekend, Los Angeles Times and San Diego Union Tribune., the West Coast editions of the Wall Street Journal and New York Times, which are printed at the Los Angeles Times’ Olympic printing plant in downtown Los Angeles.  As ransomware becomes the weapon of choice, here are a few things you can do to make sure you don't find yourself in a shutdown, faced with paying out one of these monster ransoms.
Read More

Are Your Home Surveillance Systems Spying You?

We're batting 1000. Trusted Internet has installed in-home cyber security monitoring and protection systems for various Executives, and in each case, we've stopped in-home surveillance video from being taken out of the home by bad guys. Here are a couple of examples, and what you can do about it.
Read More

Cyber Security Case Study: Trusted Internet Stops Dangerous “Gh0stRat” at Two Companies in US and Canada

on Dec 16, 2018 5:35:13 PM By | Jeff Stutzman, Founder | 0 Comments | Cyber Information Security gh0strat
Recently Trusted Internet deployed and installed a Small Business Unified Threat Manager (UTM) service, to a 100 person oil and gas engineering company in Canada. Within 12 hours...
Read More

“woshihaoren” (我是好人)

I posted this in 2013.  It's one of my favorite stories to let small defense contractors know just have much other people want the things you make for the government. This is a true story. Honestly, ya just can't make this stuff up.
Read More