CMMC: Why Boeing’s Poor Security Posture Affects Subcontractors

On September 4 of this year, the Office of the Assistant Secretary of Defense for Acquisition released its draft of the Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and the Department of Defense (DoD) over the increased presence of cyber threats and intrusions aimed at the Defense Industrial Base (DIB) and its supply chains. The increase of successful Cybersecurity attacks against Defense Contractors and Subcontractors has been on a steady climb over the past years, leading to direct intervention and the creation of the CMMC. It is the duty of the manufacturer to monitor their environment, implement effective security controls, and ensure that critical systems are protected from malicious activities, such as ransomware, malware, etc. The protection of intellectual property associated with government projects is of most importance. Unfortunately, a recent investigation into Boeing's infrastructure has illuminated vulnerabilities…

Comments Off on CMMC: Why Boeing’s Poor Security Posture Affects Subcontractors

If you are using Google Chrome, update it now!

Researchers found two vulnerabilities in Google Chrome that could allow a remote attacker to execute arbitrary code (e.g., run malware) on an affected machine. Google has confirmed that at least one of the vulnerabilities is already being exploited in the wild. "Google says it is aware that one of the flaws has an exploit in the wild. This bug received the tracking number CVE-2019-13720 and is in the audio component of the web browser." - Bleeping Computer Google has released an update to address these vulnerabilities that should be installed as soon as possible. Critical Path Security recommends issuing the following in a Chrome tab, "chrome://settings/help".  If the browser isn't up-to-date, a prompt will be provided to update and relaunch the browser.  Follow that prompt.

0 Comments

Critical Path Security is excited to announce that our CTO, Patrick Kelley, will be speaking at Milner’s Tech Fest in Raleigh, NC!

Featured Solutions & Services include: Physical Security Systems – Learn how solutions such as Access Controls & Video Surveillance can simplify your operations and enhance situational awareness. Managed IT & Security – Is your business' network secure and operating at optimal efficiency? Copiers & MFPs – Discover ways to increase efficiency and lower document output costs. Business Phone Systems – See how Unified Communications is changing the way we communicate. Document Management – Capture paper documents smarter and faster – put your information to work. Special Guest Speaker Patrick Kelley, CISSP, C|EH, ITIL We are excited to announce Patrick Kelley as the day’s Keynote Speaker. With more than 20 years of experience in the Information Management and Security field, Patrick has spoken on panels with members from the FBI, CIA, NSA, and is a reoccurring guest on 11 Alive and NBC News. His presentation, Cyberzoology: Protecting Your Organization From New Breeds Of…

0 Comments

MDR: Managed Detection and Response – What you should know!

Legacy Security Information and Event Management (SIEM) is typically the solution for enterprises who need visibility into cyber threats across distributed IT infrastructure, essential to meeting regulatory compliance. However, SIEM solutions are cost-intensive, complex to properly configure, and cumbersome to maintain. That’s why many companies are now migrating managed security service providers (MSSPs), such as Critical Path Security, who offer rapid deployment and through affordable subscription models. Managed Detection and Response (MDR) is a Critical Path Security managed security service that detects intrusions, malware, and malicious activity in your network and assists in responding quickly to eliminate and mitigate those threats. Critical Path Security MDR services have a very light footprint on your network and use a combination of cybersecurity experts and advanced technology to eliminate false positives, identify real security threats, and develop actionable responses in real-time. While the average time across industries to detect a compromise is over…

Comments Off on MDR: Managed Detection and Response – What you should know!