Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The US Department of Defense (DoD) initiative to adopt the Executive Order for Zero Trust is heating up. This week the Pentagon’s CIO, John Sherman, announced plans to implement a zero trust architecture agency-wide within the next 5 years – by 2027. To support this initiative, he plans to announce a new strategy next month to help meet the ambitious deadline for an agency of over 4 million people.

Many organizations want to leverage encryption in their environments. This usually starts off with encrypting data and devices that physically leave the organization. External USB drives with encryption or internal drive encryption on laptops using BitLocker for example. We have all heard stories of secret government documentation being left behind on the train or a laptop with employee information being left in a Taxi while traveling.

We’re pleased to announced the release of Kojensi SaaS v2.0 to ensure secure document collaboration and sharing of sensitive and Export Controlled content between Government, Defence, Defence supply chain, and higher education institutions. This new release assists organisations with meeting strict regulatory guidelines and compliance obligations for secure information sharing.

While the Singapore Personal Data Protection Act (PDPA) 2020 Amendment phases came into effect on Feb 1, 2021, starting on October 1, 2022, the maximum financial penalty for breaches of PDPA will be increased. Here’s what you need to know for the next phase of PDPA and how to ensure your information security practices are compliant to avoid penalties.

All information is an attractive target for bad actors, but some is inherently more valuable than others. State-sponsored and hacktivist attacks constantly probe enterprise networks seeking to identify the location of sensitive information. Attackers historically targeted core enterprise systems but as the defenses for those systems have matured, attackers now target the same information but in less secured unstructured (broadly speaking, file and email based) repositories.

Selling to the Department of Defence or dealing with Export Controlled material? Discover how to manage the information security and compliance of ITAR and other regulated data.

Speaking with clients, I find one of the biggest issues they struggle with how to properly secure Guest access in Microsoft 365 applications. While many organizations had already begun outsourcing their email to M365, most had really only begun looking at the rest of the M365 offering (Teams, SharePoint Online and OneDrive) when COVID hit. Most organizations wound up diving headfirst into this offering in an attempt to deal with the sudden need to work and collaborate with colleagues from home.

Cybersecurity has become an important topic for the defense supply chain. The ever-increasing number of digital channels that data can be exchanged through, has exponentially increased the risk of data breaches and leaks. This puts a lot of pressure on these organizations to ensure that the risks associated with the handling of sensitive data are as low as possible.

Protecting Controlled Unclassified Information (CUI) is a top priority for companies that have government and defense contracts, especially with the changes being rolled out in CMMC 2.0. We’re pleased at announce a new NC Protect watermarking feature to support CUI Designator labelling capability to assist US Defense and the Defense Industrial Base (DIB) with meeting the new CUI document handling and tagging requirements. The feature will be globally available during the July 2022 timeframe.