Suzanne Burdick

I briefly mentioned using DKIM to verify an email’s sender in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into how organizations can help stop email spoofing using a combination of three...

I briefly mentioned how easy it is to forge email sender addresses in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into why email sender addresses are so easy to forge and...

On November 5, 2021, the Office of the Secretary for the Department of Defense produced a document outlining updates for the Cybersecurity Maturity Model Certification (CMMC) program. We’ve been following the program since its inception, and we were eager to find out what’s coming next. In short, some of the changes help reduce the burden...

Ransomware is a Different Beast Human-operated ransomware represents a unique challenge to backup infrastructures. Unlike other disaster scenarios, a ransomware attack specifically targets and attempts to destroy backup systems to increase the likelihood of a victim organization paying the ransom....

If your organization is involved in contracting with the US federal government, you’ve likely come across the requirement to have a System Security Plan (SSP) in place. For those looking to understand or implement an SSP, there are many resources...

The Cloud Makes Compliance Better! …And Worse. The necessity of complying with cloud regulations, frameworks, and third-party risk requirements has been on the radar for several years. However, the importance of satisfying these requirements skyrocketed as organizations scrambled to accommodate...