NCG Extends Support to DoD Vendors with Crucial Tool for Cybersecurity Maturity Model Certification

NCG | July 07, 2020

Northcross Group (NCG) announced its latest innovative tool, a questionnaire to support the Cybersecurity Maturity Model Certification (CMMC)— a new U.S. Department of Defense (DoD) process going into effect later this year.  DoD will use CMMC to ensure a base level cybersecurity capability across the full Defense Industrial Base supply chain. Certification under CMMC will be required for all DoD vendors to renew or win new contracts starting later this year. NCG, a leader in cybersecurity services that support companies navigating through vast and complex business challenges while maintaining a business edge, has developed a free online questionnaire as a first step for DoD vendors to determine how they currently measure up to the CMMC model. The questionnaire helps an organization know where they stand and understand what is needed to achieve their targeted CMMC Maturity Level.  "As a DoD vendor ourselves, we understand the challenges of maintaining compliance and seek to provide a way for companies to get a good starting point," said Chris Bender, President of NCG. "We have helped organizations in healthcare, transportation, and banking build cybersecurity programs to meet similar requirements, and know having a good read on their current state is important," added Mr. Bender.

Spotlight

A penetration test is often a key requirement for compliance with key regulations. But while many organizations know they need penetration testing, it can be hard to know how to fit them in to a larger security program, or even how to get started. Our whitepaper, "What is Penetration Testing? An Introduction for IT Managers," is a clear and succinct introduction to the core principles and best practices of penetration testing.

Spotlight

A penetration test is often a key requirement for compliance with key regulations. But while many organizations know they need penetration testing, it can be hard to know how to fit them in to a larger security program, or even how to get started. Our whitepaper, "What is Penetration Testing? An Introduction for IT Managers," is a clear and succinct introduction to the core principles and best practices of penetration testing.

Related News

DATA SECURITY

SafeGuard Cyber provides Telegram users with first and only security and compliance solutions.

prnewswire | November 12, 2020

Shield Cyber, the main SaaS stage committed to dealing with the full lifecycle of computerized hazard assurance, today declared it presently conveys mechanized network safety and consistence controls for Telegram, the quick, basic, and free cloud-based informing application supported by monetary administrations and cryptographic money firms for business interchanges. More organizations are going to versatile applications to complete work in manners that offer the least grating, particularly since the start of the COVID pandemic. Among these, Telegram has been a top pick of problematic monetary administrations and cryptographic money firms for its effortlessness, speed, adaptability, and inherent encryption. The application additionally bolsters organizations with the capacity to have gatherings of up to 200,000 clients, with help for photographs, recordings, and documents of any kind. Accordingly, Telegram has arisen in these enterprises as a favored option in contrast to Facebook-claimed WhatsApp. "We serve a number of innovative financial services firms around the world that have embraced apps like Telegram," said SafeGuard Cyber CEO and Co-founder Jim Zuffoletti. "They're disrupting the finance sector, including how agile and responsive they can be in business communications." Be that as it may, even scrambled portable talk channels are dependent upon security and administrative consistence concerns. Business interchanges stay powerless against skewer phishing, ransomware, and digital surveillance assaults. Monetary firms are additionally searching for approaches to diminish consistence hazards and guarantee lawful preparation. Shield Cyber's new arrangement tends to these worries by expanding the stage's honor winning security and information misfortune anticipation abilities to Telegram messages. Organizations will presently have the option to catch Telegram content progressively, apply strategies, and naturally isolate messages that present information misfortune or consistence hazards. "We recently surveyed more than 600 IT and security professionals and found the biggest security and compliance challenge is the use of unsanctioned apps," noted Otavio Freire, CTO and Co-founder of SafeGuard Cyber. "We're proud to give security and compliance teams at digital currency and new financial services providers a scalable solution to enable Telegram as a sanctioned channel. This new capability continues our mission of securing human connections no matter what digital channel they're in." About SafeGuard Cyber SafeGuard Cyber is a Charlottesville, Virginia-based company with a cloud-based platform that empowers organizations to use social media and digital channels securely, compliantly, and at the scale of global business. With coverage across more than 50 channels, SafeGuard Cyber helps security, compliance, and marketing teams work better together to drive business forward.

Read More

INFOSEC PROJECT MANAGEMENT

Carahsoft Secures Exclusive Cybersecurity Aggregator Agreement

Carahsoft | March 08, 2022

The Trusted IT Solutions Provider®, Carahsoft Technology Corp., today announced that it has signed a new agreement with Broadcom Inc. to become the exclusive Public Sector Cybersecurity Aggregator partner for the Symantec security portfolio, which is aspect of Broadcom Software, in the U.S. Carahsoft has become the official U.S. distributor for all Broadcom Software products to channel partners in the Public Sector covering Federal, State and Local Government, and Education sectors, thanks to this new Cybersecurity Aggregator arrangement. Carahsoft intends to offer a number of initiatives that will allow the Broadcom Software Public Sector channel partner community to develop and be financially rewarded for providing exceptional client experiences, better customer retention, and growth. Broadcom Software is dedicated to creating strategic investments that will enable Carahsoft to provide Broadcom Software Public Sector clients of all sizes with industry-leading customer service and technical support. The cybersecurity channel partner community will be better positioned as a result of this new arrangement to provide exceptional client experiences, boost customer retention, and optimize growth and profits. Carahsoft wants to offer considerable incentives and deal registration programs in collaboration with Broadcom Software to assist accelerate development in these crucial areas. “This agreement will create a compelling opportunity for our cybersecurity Public Sector channel partners. Through this agreement, Broadcom Software and Carahsoft will focus efforts and investments on the resources to boost resellers’ sales of Symantec solutions and provide new programs and focus for the small and medium business customer segment. We’re committed to offering improved partner support, incentives, and pricing to help promote quality engagements and optimized customer experiences.” Brian Snell, Carahsoft’s Sales Director for the Broadcom Software business Cynthia Loyd, Vice President of Global Enterprise, Partner and Commercial Sales for Broadcom Software Said “Through this collaboration, we will be able to deliver innovative security solutions to all of our customers seamlessly in Public Sector, and do so faster, more efficiently, and more reliably. Partners are critical to the success of the Public Sector customer space for Broadcom Software. We are offering extensive resources to build trust and confidence in our collaboration and invite our Symantec resellers to join with Carahsoft to capitalize on these opportunities.” Broadcom Software private sector partners in North America continue to rely on Carahsoft as a reliable distributor for Mainframe, Cybersecurity, and Agile Operations Software solutions.

Read More

DATA SECURITY

Morphisec Announces New Incident Response Services as Enterprise Attacks Escalate

Morphisec | August 16, 2021

Morphisec, a leader in cloud-delivered endpoint and server security solutions, today announced the launch of its new incident response services at HIMSS21. The service will help organizations across the healthcare industry, and various other markets, identify, contain, and report on security incidents in progress while validating or verifying the lack of a breach. Morphisec adds this service at a time when a flood of cyber threats have placed businesses under increasing pressure, making incident response necessary for industries like healthcare and manufacturing that need to be operational 24/7. In fact, Morphisec’s Consumer Healthcare Cybersecurity Threat Index found earlier this year that 1 in 5 Americans had a healthcare provider affected by cyberattacks over the last twelve months. Morphisec’s new IR services aims to assist these organizations with containing in-progress incidents, reducing damage, providing recommendations for long-term risk reduction, and auditing critical infrastructure to ensure the lowest possible risk exposure to a cyberattack. The company's highly experienced and on-demand IR team will be led under the direct supervision of the CTO’s office. “In this worsening threat landscape, it’s vital that all businesses have access to the expertise they need to keep their business up and running in the event of a breach -- even if they lack dedicated security professionals,” said Michael Gorelik, Morphisec’s CTO and head of incident response. “Morphisec’s incident response services help every organization under attack to quickly contain the incident, ensure business continuity, and minimize direct and indirect losses. With extensive experience in security incident investigation, companies are in good hands with our talented IR team who will go above and beyond to help them protect their assets from backdoors and persistent malware.” Morphisec’s incident response services will leverage the company’s zero trust at runtime solution to quickly pinpoint and contain threats, promising immediate results before forensic activities are even finalized. Responders will also educate businesses on the root cause of the incident and, in turn, the required corrective actions to improve their current tools and processes. Forensic collection and investigation of affected assets, including the building of an activity timeline, supplying indicators of compromise (IOCs), scoping the impact, mapping of exfiltrated IP, and more Malware analysis: In-depth analysis of a given malware, backdoor, or fileless code, to identify the potential impact Working around the clock during the investigation, with availability whenever we’re needed The option to develop customized scripts to minimize follow-up impact “As cyberattackers continue to target our critical industries such as healthcare, we’re proud to offer this crucial service to organizations who simply cannot afford downtime,” added Gorelik. “Morphisec's impressive suite of cloud-delivered endpoint and server security solutions are already protecting our customers across 8 million endpoints, and the addition of our new incident response service adds a vital layer to triage critical security incidents and reduce the risk of attack for the future.” About Morphisec Morphisec is the world leader in providing advanced security solutions for midsize to small enterprises around the globe. The company’s security products simplify and automatically block modern attacks from the endpoint to the cloud. Unlike traditional security solutions relying on human intervention, Morphisec delivers operationally simple, proactive prevention. This approach protects businesses around the globe with limited security resources and training from the most dangerous and sophisticated cyber attacks.

Read More