Home » Blog
Compliance

What CUI means for DoD Contractors and Subcontractors

DFARS 22.204-7012 is a cybersecurity rule issued by the DOD requires all contractors and subcontractors, regardless of size, to comply with two key information security requirements: (1) Adequate Security and (2) Incident Reporting. “Adequate Security” is satisfied by showing compliance with NIST Special Publication (SP) 800-171 and be implemented “as soon as practical” but not later than December 31, 2017. It was designed to protect CUI on nongovernment information systems.

Assessments

Not all Threats are Vulnerabilities

What is a vulnerability? When looking for vulnerabilities don't consider technical threats as the only threats to the system.  Your security should include some attention to all threats. A system vulnerability is defined as a weakness to the system.  For example,...

What Is Penetration Testing
News

NIST Releases CUI Compliance Bulletin

NIST July Bulletin NIST released its July bulletin summarizing assessing security requirements for Controlled Unclassified Information (CUI).  Additionally, the DFAR require compliance by federal and nonfederal organizations who handle this...

CUI Controlled Unclassified Information
News

Third Party WordPress Themes Still Contain Malware

A cWatch blog in June 2018 revealed that third-party WordPress Themes with from WordPress.org still contain malware which can cause your server IP to be blacklisted, site front page to be blank or the site to be broken when attempted to delete the files. It also...

Eye on the threat assessment target
News, Assessments

Free Preliminary Assessment!

For a limited time, we are providing a hacker's preliminary view of your environment, also known as an assessment. This is a no obligation view of your organization designed to show you what a hacker will discover about your organization before they even start to...

Assessment
News, Events

FISHackathon Judge

FOR IMMEDIATE RELEASE January 29, 2018 Shawn Duffy, President of Duffy Compliance Services, LLC has accepted two roles as both Mentor and Judge at this year’s Fishhackathon! New Market, Maryland, January 29, 2018 – Duffy Compliance Services, LLC, (DCS), a provider...