by Diana Proud-Madruga

This three-part series explores the challenges of securing the Internet of Things. Part 2 examines the architecture and inner workings of the Internet Engineering Task Force’s specification rfc8520.  

In March 2019, the Internet…

by Diana Proud-Madruga

This three-part series explores the challenges of securing the Internet of Things. Part 1 traces the history of governmental action, including standards development, reports, legislation and congressional hearings.

I love science fiction…

by Sarbari Gupta

Common controls serve a very important purpose within the realm of information security compliance and operations. However, with the rapid proliferation of cloud-based information systems, there needs to be further clarity in the nomenclature as well as improved…

by Eugenio Rivera

The Continuous Diagnostic and Mitigation (CDM) Program, launched in 2013, allows federal agencies to scrutinize their information technology (IT) systems and react almost instantaneously to vulnerabilities. It empowers agencies to identify and prioritize risks…

by Sarbari Gupta

On May 21, 2019, the Office of Management and Budget (OMB) released M-19-17, a policy memorandum entitled, “Enabling Mission Delivery through Improved Identity, Credential, and Access Management.” This far-reaching policy memo rescinds a number…

by Diana Proud-Madruga

Retrofitting security within legacy systems is expensive and rarely fixes all the security holes. However, if your company is upgrading its systems and/or moving to cloud-based services, it is an…