Achieving CMMC 2.0 Compliance Through Continuous TLS/SSL Monitoring
The Cybersecurity Maturity Model Certification (CMMC) framework establishes a standardized set of cybersecurity requirements for defense contractors and subcontractors. To achieve CMMC compliance, organizations must demonstrate their ability to protect sensitive data and mitigate cybersecurity risks. One critical aspect of CMMC compliance is the proper use of encryption to safeguard sensitiveinformation. This whitepaper explores the […]
Crypto Compliance in the Age of Encrypted Traffic
The rapid growth of the cryptocurrency industry has brought with it a complex regulatory landscape. Financial regulators worldwide are grappling with how to balance innovation with consumer protection and market integrity. This whitepaper explores the key regulations governing cryptocurrencies, particularly DORA, PCI DSS, and MICA, and the challenges they pose in the context of encrypted […]
Encrypted Traffic Analysis: A Critical Solution for Enterprise Privacy
Networks are becoming increasingly encrypted, and the need for more visibility creates a significant challenge for security teams. Threat actors routinely use encryption to help hide data exfiltration and control with victim networks, making it extremely difficult for security teams to detect and prevent potential security threats. One of the biggest challenges facing organisations today […]
Why Data Encryption Changes Everything
Today, more than ever, law firms are in possession of large amounts of data. To meet internal and regulatory standards, almost all data is encrypted from end to end. Understanding the presence of risks and the level of compliance becomes impossible to measure in real-time. In effect, the environments of legal firms are more distributed, […]
How Bring Your Own Device Became Bring Your Own Risk Overnight
For security leaders, change is constant. We are constantly having to adapt our security strategies and activities so that they remain relevant to the business and risk environments that we operate within. However, the past year has seen an unprecedented level of change, driven by the global pandemic. We talk about the ‘health’ of a […]
Privacy and Encryption – Acceptable Policies for the Modern Enterprise
The fundamental concept of Privacy is something universally understood by everyone. The right to be left alone, without interference or intrusion is documented in Article 12 of the ‘The United Nations Universal Declaration of Human Rights’ (1948): Put simply, we are constantly under surveillance: constantly tracked, targeted, profiled, and exploited, sometimes willingly (without consciously realising […]
Real Situational Awareness Is More Vital Than Ever Before
I don’t think there has been a day in the last few years where I haven’t been helping a client somewhere with some form of cyber event. Ransomware has become ever more prevalent in 2020/21 but good old data theft, financial credential harvesting, and insiders, malicious or otherwise, are still around. The most frequent organisational […]