What is so Critical about Critical Infrastructure?
What is so Critical about Critical Infrastructure? Over the next several weeks we will be diving deeper and talking more extensively about the importance of protecting the nation’s critical infrastructure (CI), why it’s targeted, and how to defend against attacks. Hardly a day passes by without critical infrastructure attacks making headline news, whether on the […]
Tony Buenger Interview
We’d like to introduce Tony Buenger, who is the Director of Governance, Risk, and Compliance at SecureStrux, LCC where he leads and steers the strategic direction of SecureStrux’s GRC lines of business. He is responsible for the expansion of the […]
CMMC and HIPAA
Consider this scenario; you are a Chief Information Security Officer (CISO) for a major university hospital system, with over 10 years of experience working with protected health information (PHI) under the following: HIPAA Privacy Rule (“protecting the type of data while […]
CMMC 2.0 and Defense Cybersecurity Compliance
In early November, the DoD released an announcement for version 2 of the CMMC compliance standard. Developed with feedback from defense agencies and contractors, CMMC 2.0 seeks to streamline the compliance and cybersecurity process without sacrificing the effectiveness of the measures contained therein. While CMMC version 1 is still in play for most organizations in […]
Honoring Our Veterans This Veterans Day
Veterans Day is a day where we take stock of our freedoms and opportunities and the sacrifices made to ensure those freedoms and opportunities. In our industry, we know how important it is to recognize and support the men and women serving in uniform on the ground, overseas, in the air and in the complex […]
The Importance of Selecting a C3PAO for CMMC Certification
What Is a C3PAO in CMMC Certification? As part of the CMMC certification process, businesses in the DoD supply chain must undergo audits with strict requirements. The organizations themselves don’t conduct these audits, nor are they led by the CMMC Accreditation Body (CMMC-AB). Instead, they are conducted by Certified Third-Party Assessment Organizations (C3PAOs). (Note: As […]
The Cybersecurity Maturity Model: A Path to CMMC Certification
Note: This blog post is an adaptation of a presentation given by SecureStrux Governance, Risk and Compliance Practice Lead Tony Buenger at the California Polytechnic Institute on October 20, 2021.
Preparing for CMMC Certification
Contractors working with the Department of Defense are quickly responding to the Cybersecurity Maturity model Certification (CMMC) roll out. This security framework is a way for the DoD to determine, through the help of third-party auditors and well-established regulations and guidelines, the capabilities organizations possess to handle sensitive data like Federal Contract Information (FC) and […]
Tony Buenger Speaks on CMMC Certification at Cal Poly
CMMC is a complex topic that’s facing security firms and government contractors around the company. While we are well into the implementation and deployment stages of the CMMC framework, many organizations are still wrapping their heads around requirements, upgrades and policies.
SecureStrux Names One of Top 250 MSSPs in the U.S. by MSSP Alert
SecureStrux is excited to announce our placement on MSSP Alert’s Top 250 MSSPs in 2021. This award recognizes security providers who are meeting the challenges of modern cybersecurity. As enterprise businesses and SMBs alike become the targets of ransomware and other hacks, MSSPs will serve as the foundation of modern compliance and cybersecurity infrastructure. As […]
