Federal Update

Monthly Fed Roundup – May 2017

DISA’s May News Army LTG Alan Lynn discusses what is needed to evolve the DoD’ information infrastructure NIST’s May News New Release: Revised “Guide to Bluetooth Security”: Special Publication (SP) 800-121 Revision 2 Draft NIST …

Read more

blank

DISA Network Modernization

The Defense Information Systems Agency (DISA) is evolving their infrastructure to combat concerns over connectivity and security, efficiency, and cost. DISA’s present issues relate to outside components connecting to its network because the infrastructure is outdated. …

Read more

blank

President Doubles Down on Cybersecurity

On May 11th, President Donald Trump issued an Executive Order requiring all heads of executive agencies and departments to modernize and strengthen cybersecurity within Federal networks and critical infrastructure. The order acknowledged that the government’s …

Read more

Common Criteria

Common Criteria NDcPP Version 2 Released

The newest version of the Common Criteria Network Device Collaborative Protection Profile (NDcPP) and Supporting Documents (SD) has been released. Key changes in version 2.0 include: Support for distributed TOEs Updated X509 certificate authentication requirements …

Read more

Federal Update

Monthly Fed Roundup – April 2017

DISA’s April News DISA system improves access to video surveillance for intel community NIST’s April News Cryptographic attack cited for the FF3 technique for format-preserving encryption (FPE)Requested Public Comment On: Draft Special Publication (SP) 800-190, Application …

Read more

blank

IoT Device Security – What You Need To Know

The expanding market for connected devices and the Internet of Things (IoT) has propelled demand for products that alleviate the stress of managing daily interactions; from buying groceries to protecting our homes, there is an app or device for …

Read more

blank

CMVP Changes to FIPS 140-2

During the recent Cryptographic Module User Forum (CMUF) meeting, CMVP, which oversees FIPS 140-2 validations in the United States and Canada, announced updates and changes to policy for stagnant modules, the historical list, and documentation …

Read more

DoD APL Myths

Dispelling DoDIN APL Listing Myths

The hoops that companies must jump through in order to sell into the Federal government can be difficult to understand and sometimes misleading. As with any government process, misconceptions surrounding what is required begin to …

Read more

Federal Update

Monthly Fed Roundup – January 2017

DISA’s January News DISA focuses on Innovation during the Armed Forces Communications and Electronics Association panel NIST’s January News NIST Draft Releases: Draft Special Publication 800-12, Revision 1, An Introduction to Information Security NIST Interagency Reports: …

Read more

blank

Updates to CMVP’s Sunsetting Policy

From the CMVP on their validation Sunsetting Policy: The CMVP is adopting a five year validation sunsetting policy, effective February 1, 2017. The CMVP will move all validation entries with most recent validation dates** prior to February 1, …

Read more

blank

Your Security Strategy – Are You At Risk?

$7 Million Dollars – According to a recent study by IBM, that’s the average cost of a security breach. The overall brand damage can be catastrophic, huge financial losses and customer abandonment. Companies like Target and …

Read more

blank

Are Your Partners Putting Your IP at Risk?

What if your intellectual property was at risk and you weren’t even aware? In today’s highly competitive and often vulnerable world, the companies we choose to partner with play a large role in the security …

Read more

blank

Budgeting for Certifications: Avoid Cost Creep

Budgeting for a Common Criteria Certification can be difficult, but it’s not impossible. Understanding how to create your certification budget, and taking the necessary steps to follow through with that budget, can reduce your costs and simplify the certification process. We are frequently asked, “How much does certification cost…