What is so Critical about Critical Infrastructure? Over the next several weeks we will be diving deeper and talking more extensively about the importance of protecting the nation’s critical infrastructure (CI), why it’s targeted, and how to defend against attacks. Hardly a day passes by without critical infrastructure attacks making headline news, whether on the […]
We’d like to introduce Tony Buenger, who is the Director of Governance, Risk, and Compliance at SecureStrux, LCC where he leads and steers the strategic direction of SecureStrux’s GRC lines of business. He is responsible for the expansion of the […]
Consider this scenario; you are a Chief Information Security Officer (CISO) for a major university hospital system, with over 10 years of experience working with protected health information (PHI) under the following: HIPAA Privacy Rule (“protecting the type of data while […]
In early November, the DoD released an announcement for version 2 of the CMMC compliance standard. Developed with feedback from defense agencies and contractors, CMMC 2.0 seeks to streamline the compliance and cybersecurity process without sacrificing the effectiveness of the measures contained therein. While CMMC version 1 is still in play for most organizations in […]
Veterans Day is a day where we take stock of our freedoms and opportunities and the sacrifices made to ensure those freedoms and opportunities. In our industry, we know how important it is to recognize and support the men and women serving in uniform on the ground, overseas, in the air and in the complex […]
What Is a C3PAO in CMMC Certification? As part of the CMMC certification process, businesses in the DoD supply chain must undergo audits with strict requirements. The organizations themselves don’t conduct these audits, nor are they led by the CMMC Accreditation Body (CMMC-AB). Instead, they are conducted by Certified Third-Party Assessment Organizations (C3PAOs). (Note: As […]
Note: This blog post is an adaptation of a presentation given by SecureStrux Governance, Risk and Compliance Practice Lead Tony Buenger at the California Polytechnic Institute on October 20, 2021.
Contractors working with the Department of Defense are quickly responding to the Cybersecurity Maturity model Certification (CMMC) roll out. This security framework is a way for the DoD to determine, through the help of third-party auditors and well-established regulations and guidelines, the capabilities organizations possess to handle sensitive data like Federal Contract Information (FC) and […]
CMMC is a complex topic that’s facing security firms and government contractors around the company. While we are well into the implementation and deployment stages of the CMMC framework, many organizations are still wrapping their heads around requirements, upgrades and policies.
SecureStrux is excited to announce our placement on MSSP Alert’s Top 250 MSSPs in 2021. This award recognizes security providers who are meeting the challenges of modern cybersecurity. As enterprise businesses and SMBs alike become the targets of ransomware and other hacks, MSSPs will serve as the foundation of modern compliance and cybersecurity infrastructure. As […]