by Shawn Duffy | May 19, 2023 | Assessments, Blog, Risk, risk assessment
Risk is not just a vulnerability. Risk is a combination of the likelihood of a vulnerability being exploited and the impact to the system if that vulnerability is exploited. So, what does that mean? When we think about a threat to the system, we look at the events...
by Shawn Duffy | Nov 18, 2022 | Blog, continuous monitoring, Cybersecurity, risk assessment, Security Awareness Training
The Buy Maryland Cybersecurity (BMC) Tax Credit provides an incentive for Maryland companies to purchase cybersecurity services from a Qualified Maryland Cybersecurity Seller (QMCS). Maryland companies that qualify may claim a tax credit for 50% of the net purchase...
by Shawn Duffy | Oct 24, 2022 | Cybersecurity, Data Protection, risk assessment
Everyone wants the latest and greatest to protect their systems. Vendors tout this and show features and benefits of their fantastic way to protect your data, your system, or in general, your business. However, sometimes we should look outside our tools and resources...
by Shawn Duffy | Sep 9, 2022 | CMMC 2.0, Assessments, Blog, CMMC, Compliance, Incidence Response, risk assessment, Security Awareness Training
If you’re a defense industrial base (DIB) contractor, you’re already aware you need to meet compliance requirements in the new CMMC system, which goes live May 2023. Most government contractors are required to meet CMMC Level 2. The bad news is that it...
by Shawn Duffy | Jun 23, 2022 | Blog, risk assessment
We work on all these security controls, and then sit back and marvel at how well we have secured our system. Should we think of our secure system as secure only at a single point in time, one that needs us to constantly attend to it and be prepared to make changes to...
