About Data Security, About TechR2, Home Page, News, Press Release, TechR2 Blog

A culture to protect client and customer data is first created, then nurtured through training and development

11 September 2021

[vc_row type=”grid” video_bg=”” css=”.vc_custom_1631737659710{margin-top: 60px !important;}”][vc_column width=”1/2″ dp_animation=””][vc_column_text dp_animation=””]In the IBM NIST and Zero Trust Security Model (ZTSM) training on Thursday, the SMEs stressed the importance for every vendor that works with the organization’s data whether hardware or software to be in compliance with their NIST and ZTSM policies. This includes vulnerability testing. This is new for many OEMs. It was just over a year ago that Microsoft became NIST certified. Most OEMs are not NIST certified. Although the DFARS NIST 800-171 CSF standard for the entire DoD Supply Chain has been required since the beginning of 2018, which pertains to over 300,000 businesses. Some of the companies that are promoting NIST and ZTSM have not passed their own audit yet. So, in the MyRepublic event, it was a third-party vulnerability that caused the breach. To examine your third-party vulnerabilities, start your NIST assessment this week. Have your procurement department request the external CSF certificates and vulnerability reports from your partners.[/vc_column_text][vc_column_text dp_animation=””]Then wait………… You will not get many. Professionals know you can do all the testing you want, but if your partner does not have a CSF culture, your network is sunk. So do the assessment this week. And tell your non-certified, non-compliant, non-tested partners they are at risk, and therefore making their your network vulnerable.[/vc_column_text][/vc_column][vc_column width=”1/2″ dp_animation=””][vc_column_text dp_animation=””]Related article: MyRepublic customer data compromised in third-party security breach | ZDNet

[/vc_column_text][vc_empty_space][vc_column_text dp_animation=””]

A culture to protect client and customer data is first created, then nurtured through training and development, and it is practiced by TechR2 teams in datacenters throughout the world. High technology execution does not happen without hard work.

[/vc_column_text][/vc_column][/vc_row][vc_row type=”grid” video_bg=””][vc_column dp_animation=””][vc_separator][/vc_column][/vc_row][vc_row type=”grid” video_bg=””][vc_column width=”1/2″ dp_animation=””][vc_widget_sidebar sidebar_id=”posts-footer-block-left”][/vc_column][vc_column width=”1/2″ dp_animation=””][vc_widget_sidebar sidebar_id=”posts-footer-block-right”][/vc_column][/vc_row]

What do you think?

Show comments / Leave a comment

Videos

Datacenters are a cybersecurity target

I’m a recovering intelligence officer. I’m always a recovering intelligence officer for one trauma or another. And I’ve had the benefit, the pleasure, the honor to apply a lot of those skills I use in defense of our nation in the commercial section and in the commercial world as well, rising all the way to chief operating officer of a company that I thought was pretty obscure.

Videos

Loss of data hurts everyone

Whether I’m a nation state targeting data, whether I’m a criminal enterprise targeting data, or a transnational organization targeting that, that data is valuable. And while it’s valuable to me, there is a negative externality to the people that I’m taking it from as well. It’s not a victimless crime, right?

Videos

Datacenters are the obvious target

Anybody ever watch storage wars?
You can go on the dark web and buy drives like you were buying a storage unit. “I’ll give you a thousand dollars for that storage unit”. I know there’s got to be a couple thousand bucks worth of stuff in it. Your data out there is the same way.

Why risk it alone?
Get started today.

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Your benefits:

What happens next?

Schedule a call at your convenience

We do a discovery and consulting meeting

We prepare a proposal