The world is aghast watching Russia invade Ukraine, and it’s critical that the physical separation of these events doesn’t create a false sense of security for the US.   As the countries around the globe step up sanctions and impose restrictions on critical Russian resources, war will expand on a different front.  Cyberwarfare is nothing new,...Read More

  There is a widespread shortage of cyber security talent with predictions for little change in the upcoming years. Security Vitals believes in developing future talent and recommends hiring interns. Our firm has employed several interns and investing in their future provided great resources to support our growth too.   Our most recent intern, Ryan...Read More

It’s no secret that the world gets smaller every year.   Globalization of industry and trade has created ever-expanding opportunities, sometimes to the detriment of businesses and individuals.  The internet is a critical variable in this equation as it delivers instant access to resources worldwide and produces a growing industry focused on cyber-crime. There is a...Read More

A risk management framework (RMF) is an organization’s security controls road map for managing its cyber risks. RMFs define how the people in an organization utilize processes to manage technology, ensure oversight, and reduce risk exposure. The framework often serves multiple purposes, from evaluating the maturity of security controls to demonstrating due diligence in securing...Read More

The recent discovery of Log4J and its widespread impact on businesses highlights the importance of scanning networks to identify and mitigate software vulnerabilities. But periodically scanning networks is the easy part of building an effective vulnerability management program. Since these “programs” aim to identify and fix software vulnerabilities, ongoing management must include a schedule of...Read More

Let’s face it everyone wants to keep things as simple as possible.  n a perfect world, there would be a “single” cyber security technology that protected every organization from all cyberthreats. but, unfortunately, the complex nature of building and managing an effective cyber security program cannot be done with a single technology…simply stated there is...Read More

In early October, Deputy Attorney General Lisa O. Monaco announced a Civil Cyber-Fraud Initiative to combat cyber threats in the supply chain. Efforts will focus on identifying defense and other government contractors that are not adhering to required cybersecurity standards. Read more about the announcement here – Deputy Attorney General Lisa O. Monaco Announces New...Read More

Working from home has settled in as the new normal, so there are many new risks that enter your business data protection equation.  Cyber risk in your company is growing. Don’t kid yourself…it’s not just the big companies that are the targets of attacks.  Companies just like yours are being attacked daily (link to https://cyware.com/category/breaches-and-incidents-news)....Read More

Suppliers are Required to Submit Details on Progress The Department of Defense released new details on an interim requirement for vendors that requires a near term NIST 800-171 self-assessment. The process requires participants to score compliance with each of the 110 controls defined in NIST 800-171. Completed assessment scores must be uploaded to Supplier Performance...Read More

Not only are data breaches very expensive, they often result in high stress at all levels of a company. Being proactive and investing in cybersecurity consulting, allows organizations to prevent stress and save money. Cybersecurity consulting allows your organization to identify any problems and feel confident all cybersecurity issues are being taken care of.  To...Read More