Disaster Recovery (DR) Testing: Getting the Most From Your Tabletop Exercise

Many organizations do a tabletop test each year of their Incident Response (IR) or Business Continuity/Disaster Recovery (BC/DR) plan to evaluate its effectiveness and make sure it’s current. While tabletop is generally the weakest form of testing and has some significant limitations, there are some things that can be done to make it a better […]

CrowdStrike Outage: Lessons Learned in Controls & Resiliency

The recent CrowdStrike outage, which caused widespread system crashes and disruptions, served as an important reminder of the interconnectedness and fragility of our world as it relates to technology. While the incident was disruptive and many of our clients can attest to the headaches it caused, it also provided valuable insight into how organizations can […]

Key Considerations for Implementing a Bring Your Own Device (BYOD) Program

In a post-COVID-shutdown world, hybrid and remote work has skyrocketed. Employee usage of personal devices, such as smartphones and tablets, for company work is now commonplace and expected by employees. In many instances, employees can take advantage of the functionality of new smartphones to increase efficiency and productivity. Employees are happy because they get to […]

Navigating the Risks of Patch Management: Security & Stability in IT Systems

In the quickly evolving landscape of technology, maintaining the security and functionality of physical servers is imperative. Patch management is a critical component of this maintenance that involves updating server software to fix vulnerabilities, improve performance, and determine compatibility with other systems. Despite its importance, patch management is often loaded with risks that, if not […]

Smart Red Teaming with Game Theory & Threat Intelligence

In the ever-evolving cybersecurity landscape, organizations continuously seek more robust methods to protect their digital assets. Traditional red team engagements, while effective, often lack the strategic depth needed to simulate real-world adversarial behavior. Enter TIDE – Threat Intelligence Directed Engagements – an innovative approach pioneered by Linford & Company, which integrates Game Theory and threat […]

What is FedRAMP Compliance? Requirements, Process, & More

It’s nearly impossible to read tech news today without encountering discussions about the cloud—and for good reason. Cloud computing has become an essential part of the modern technology landscape, making it hard to imagine a world without it. The ability to provision and manage networks, storage, and servers with just a few keystrokes is not […]

How Much Does CISA Cost? Good News – Tools Are Free!

There are so many tools being released these days, and for the most part, they aren’t cheap. But there is good news: the Cybersecurity & Infrastructure Security Agency (CISA) has assembled a group of free cybersecurity services and tools that most businesses can access. And no, you don’t have to be military affiliated. The goal […]

HITRUST vs HIPAA

In previous articles, we’ve covered what HITRUST is and how to get HITRUST certified, but one very frequent question is, “What’s the difference between HIPAA vs HITRUST?” While they both relate to information security, and HITRUST initially began as part of HIPAA, they’re very different concepts. Let’s dive in. What Is the Difference Between HIPAA […]

What Is the CMMC Assessment Process?

In November 2021, the Department of Defense (DoD) announced Cybersecurity Maturity Model Certification (CMMC) 2.0, a program meant to assess an organization’s cybersecurity program maturity. The CMMC program is designed to achieve the following goals: “Safeguard sensitive information to enable and protect the warfighter” “Enforce Defense Industrial Base (DIB) cybersecurity standards to meet evolving threats” […]