CMMC Level 2 Assessment Objective: Flaw Remediation for Controlled Unclassified Information (CUI) Data

PRACTICE: Organizations must identify, report, and correct system flaws in a timely manner.

ASSESSMENT: All software and firmware have potential flaws. Organizations must identify systems that are affected by announced software and firmware flaws, including potential vulnerabilities resulting from those flaws, and report this information to designated personnel with information security responsibilities. Security-relevant updates include patches, service packs, hot fixes, and antivirus signatures.

Be prepared! Your assessor could ask to
🔍 EXAMINE system and information integrity policy.
🗣 INTERVIEW system or network administrators.
📝 TEST organizational processes for identifying, reporting, and correcting system flaws.

(CMMC Assessment Guide: Level 2 Version 2.11, page 241)

#CMMC #DoD #cybersecurity #NIST #InformationSecurity
Tobias Musser’s Post
More Relevant Posts
CMMC Level 2 Assessment Objective: Update Malicious Code Protection for Controlled Unclassified Information (CUI) Data

PRACTICE: Organizations must update malicious code protection mechanisms when new releases are available.

ASSESSMENT: Malicious code protection mechanisms include antivirus signature definitions and reputation-based technologies. A variety of technologies and methods exists to limit or eliminate the effects of malicious code. Malware changes on an hourly or daily basis, and it is important to update detection and protection mechanisms frequently to maintain the effectiveness of the protection.

Be prepared! Your assessor could ask to
🔍 EXAMINE system and information integrity policy.
🗣 INTERVIEW system or network administrators.
📝 TEST organizational processes for employing, updating, and configuring malicious code protection mechanisms.

(CMMC Assessment Guide: Level 2 Version 2.11, page 249)

#CMMC #DoD #cybersecurity #NIST #InformationSecurity
CMMC Level 2 Assessment Objective: System & File Scanning Protection for Controlled Unclassified Information (CUI) Data

PRACTICE: Organizations must perform periodic scans of organizational systems and real-time scans of files from external sources as files are downloaded, opened, or executed.

ASSESSMENT: Periodic scans of organizational systems and real-time scans of files from external sources can detect malicious code. Organizations should use antimalware software to scan for and identify viruses in computer systems, and they should determine how often scans are conducted. Real-time scans look at the system whenever new files are downloaded, opened, and saved. Periodic scans check previously saved files against updated malware information.

Be prepared! Your assessor could ask to
🔍 EXAMINE system and information integrity policy.
🗣 INTERVIEW system or network administrators.
📝 TEST organizational processes for employing, updating, and configuring malicious code protection mechanisms.

(CMMC Assessment Guide: Level 2 Version 2.11, page 251)

#CMMC #DoD #cybersecurity #NIST #InformationSecurity
CMMC Level 2 Assessment Objective: Shared Resource Control

PRACTICE: Organizations must prevent unauthorized and unintended information transfer via shared system resources.

ASSESSMENT: This requirement prevents information produced by the actions of prior users or roles (or the actions of processes acting on behalf of prior users or roles) from being available to any current users or roles (or current processes acting on behalf of current users or roles) that obtain access to shared system resources after those resources have been released back to the system. Additionally, no shared system resource—such as cache memory, hard disks, registers, or main memory—may pass information from one user to another user.

Be prepared! Your assessor could ask to
🔍 EXAMINE system and communications protection policy.
🗣 INTERVIEW system or network administrators.
📝 TEST separation of user functionality from system management functionality.

(CMMC Assessment Guide: Level 2 Version 2.11, page 214)

#CMMC #DoD #cybersecurity #NIST #InformationSecurity
Enhancing Cybersecurity in Active Directory Environments

In corporate IT, #ActiveDirectory #AD is essential for user management and #security. The static #defense approach is outdated due to dynamic cyber threats like #ransomware, necessitating constant vigilance. SDM Software, Inc. enhances #cybersecurity by continuously modernizing #GroupPolicy, focusing on preventing #credential access post-compromise and blocking ransomware target discovery with advanced access control.

The Perils of a "Set and Forget" Mentality in Group Policy: Group Policies' effectiveness wanes without regular #updates, risking user credential exposure if Microsoft Windows servers such as Domain Controllers, Microsoft Exchange servers, #Application servers, and Workstations/Desktops are #compromised.

Preventing Ransomware Discovery and Target Enumeration: Ransomware attackers seek valuable data, exploiting traditional defenses' shortcomings. #SDMSoftware's identity-based access control prevents unauthorized changes, reducing the #attacksurface.

Enhancing Cybersecurity with SDM Software: A #proactive approach to AD Group Policy management, featuring SDM Software's constant #modernization and advanced access controls, boosts defense against #cyberthreats, moving beyond outdated strategies to ensure a secure IT infrastructure.

👍 Give this post a thumbs up
💬 Please leave a comment
➕ Follow me for more #securityservices or #cybersecuritytopics
Today, I explored key CISSP concepts:

1. Identity and Accountability: Usernames must be unique to maintain accountability. Sharing accounts is a risk, so policies should forbid it. Descriptive usernames (like “lkolouch”) are easy targets for attackers, so non-descriptive usernames (like “emp5654”) are better.
2. Authorization: Determines what actions you can perform once authenticated. For instance, as an information security manager, you might view some employee data but not the CIO’s salary.
3. Accountability: Users are held accountable for their actions through logging and audit analysis. This ensures policy compliance and honesty.
4. Non-repudiation: Ensures a user cannot deny their actions. It requires both authentication and integrity, making it crucial for secure transactions.
5. Least Privilege and Need to Know: Users should have only the minimum access required (least privilege). They should access specific information only if necessary (need to know). This principle ensures that sensitive data is accessed only by those who truly need it.

#CISSP #CyberSecurity #InfoSec
CMMC Level 2 Assessment Objective: Public-Access System Separation [CUI Data]

PRACTICE: Organizations must implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks.

ASSESSMENT: Organizations are required to separate publicly accessible systems from the internal systems that need to be protected. That means internal systems cannot be placed on the same network as the publicly accessible systems. Access to internal networks must be blocked by default from demilitarized zone (DMZ) networks, which are subnetworks that are physically or logically separated from internal networks.

Be prepared! Your assessor could ask to
🔍 EXAMINE system and communications protection policy.
🗣 INTERVIEW system or network administrators.
📝 TEST mechanisms implementing boundary protection capability.

(CMMC Assessment Guide: Level 2 Version 2.11, page 216)

#CMMC #DoD #cybersecurity #NIST #InformationSecurity
✔✔ Check out this #patchmanagement #enterprise #technologies #draft #policies document. This document is more for #it #patching.

👀👀 If you are patching #ot, then refer to NIST Special Publication (SP) 800-532, which requires the SI-2, Flaw Remediation security control, which includes installing security-relevant software and firmware patches, testing patches before installing them, and incorporating patches into the organization’s configuration management processes. In #ot, taking the item offline is always best.

👇👇 Please reach out to me if you are looking for managed services, endpoint detection, SOC services, firewalls, network services, or UCaaS.

#cybersecurity #itpatching #itcyberpolicy #NIST #itsecurity #otsecurity #riskmanagement #endpointdetection #mssp #managedservices #comcast #masergy
Cybersecurity is everyone's responsibility! Here are the top five things our CISO wants all employees to know:

1. **Strong Passwords**: Use complex passwords and change them regularly. Avoid using the same password across multiple sites.
2. **Phishing Awareness**: Always be cautious of suspicious emails and messages. Don't click on unknown links or provide personal information without verifying the source.
3. **Software Updates**: Ensure all your software, including antivirus programs, is up to date. These updates often include critical security patches.
4. **Data Protection**: Be mindful of sensitive data. Always encrypt and securely store personal and company information. Handle with care when sharing or disposing of it.
5. **Report Incidents**: If you suspect a security breach, report it immediately to the IT department. Quick reporting can help mitigate potential damage.

Your vigilance is crucial in keeping our organization secure!
CMMC Level 2 Assessment Objective: Security Alerts & Advisories

PRACTICE: Organizations must monitor system security alerts and advisories and act in response.

ASSESSMENT: Organizations must solicit and receive security alerts, advisories, and directives from reputable external organizations. The company should identify sources relevant to the industry and technology it uses. Methods to receive alerts and advisories may include:
· Signing up for email distributions
· Subscribing to RSS feeds
· Attending meetings

Be prepared! Your assessor could ask to
🔍 EXAMINE system and information integrity policy.
🗣 INTERVIEW personnel with security alert and advisory responsibilities.
📝 TEST organizational processes for defining, receiving, generating, disseminating, and complying with security alerts, advisories, and directives.

(CMMC Assessment Guide: Level 2 Version 2.11, page 247)

#CMMC #DoD #cybersecurity #NIST #InformationSecurity