October 7, 2020

Last week, the Department of Defense ("DoD") published its long-awaited rule on its Cybersecurity Maturity Model Certification ("CMMC") framework. Notably, in addition to the CMMC framework, the rule also includes a second framework related to NIST SP 800-171 DoD Assessments that some defense contractors will also need to consider. This second prong of DoD's cyber regime adds another layer of complexity for defense contractors with an obligation under the Defense Federal Acquisition Regulat...

September 25, 2020

On September 30, 2020, Joshua Duvall will participate in a panel discussion covering the Department of Defense's ("DoD") Cybersecurity Maturity Model Certification ("CMMC") for the National Veteran Small Business Coalition.

Joined by other cyber industry leaders and experts, the panel will discuss the latest and greatest CMMC initiatives, requirements, and concerns. Some of the questions the panel will address are: 

  • When are businesses supposed to be CMMC compliant/certified by? At w...

September 9, 2020

On September 4, 2020, President Trump signed Space Policy Directive-5 (SPD-5), which establishes a set of cybersecurity principles designed to protect the nation's valuable "space systems" from a host of cyber threats aimed at disrupting our Nation's critical infrastructure.

As defined in SPD-5, "space systems" is a "combination of systems, to include ground systems, sensor networks, and one or more space vehicles, that provides a space-based service. A space system typically has three segments: a...

May 26, 2020

The Verizon 2020 Data Breach Investigations Report ("DBIR") is here.  In this 13th DBIR, Verizon analyzed a record total of 157,525 incidents, of which 32,002 met their quality standards and 3,950 were confirmed data breaches. 

Before we dive into some of the data, here are some helpful definitions:

  • Threat actor: Who is behind the event? This could be the external “bad guy” that launches a phishing campaign or an employee who leaves sensitive documents in their seat-back...

May 16, 2020

This week's Weekly Debrief covers hackers endangering COVID-19 vaccine research, pandemic scams, what business data hackers want, FTC complaint that TikTok violates children's privacy law, and an update on Federal data privacy legislation.

Cyber

May 11, 2020

For some small businesses, securing your information systems (and your proprietary data) might seem complicated and expensive, but it doesn't have to be.  After all, cybersecurity can simply be described as implementing practices, procedures, and technologies to protect the confidentiality, integrity, and availability of data (i.e., to help prevent unauthorized access to data and cyberattacks).

A cybersecurity program can begin with, for example, creating information security...

May 1, 2020

This week's Weekly Debrief covers interesting topics, including the cost to launch a cyberattack, LabCorp facing a lawsuit claiming failure to address security problems, cyber insurance coverage gaps, and COVID-19 privacy issues.

Cyber

April 24, 2020

This week's Weekly Debrief covers several interesting topics, including network segmentation, coronavirus scams, public sector ransomware attacks, NFL cybersecurity, the Illinois biometric privacy law, and the global privacy landscape.

Cyber

  • NetworkWorld – Why Network Segmentation Matters

    • "When IT leaders hear about segmentation, their first thought is usually about dividing a network up using VLANs or VXLANs. But segmentation also plays a critical security role in securing dynamic mu...

April 17, 2020

This week's Weekly Debrief covers some interesting topics, such as threat modeling, double extortion ransomware attacks spike, shadow IT issues in wake of COVID-19, and blockchain-based VPNs and privacy tech.

Cyber

April 17, 2020

This week, the Government Accountability Office ("GAO") published a report finding that the Department of Defense ("DoD") has "not fully implemented three of its key initiatives and practices aimed at improving cyber hygiene."

GAO conducted this study, in part, because DoD has become "increasingly reliant on information technology (IT) and risks have increased as cybersecurity threats evolve."  GAO found that some 90% of cyberattacks could be avoided or defeated through basic cyber hygiene, which...


About CyberJudicata

Welcome to CyberJudicata, an informational blog/website focusing on cybersecurity and privacy issues, including cyber policy, data breach, incident response, data security, regulatory compliance, and cyber insurance.

CyberJudicata is published by Joshua Duvall, managing partner at Matross Edwards, a law firm providing government contracts and cybersecurity legal services to small and mid-sized businesses.

Contact Matross Edwards

www.MatrossEdwards.com

info@MatrossEdwards.com

202.854.9959


Copyright © 2020 Joshua B. Duvall. All rights reserved.

CyberJudicata™ #cyberjudicata

LegalJudicata™ #legaljudicata

GovConJudicata™ #govconjudicata