Here’s today’s project. If you are on the FERC or NERC Board, schedule an online meeting and adopt the NIST CSF and the Zero Trust Security Model standard. What is not going to change is the US movement to a federal model. What needs to change is poor auditing to outdated error filled approaches that put US consumers at risk.
After all the cybersecurity work some organizations do, they still fall to breaches in their defense for lack of a forward-looking strategy. For all the OEMs reporting major breaches, the Zero Trust Security Model (ZTSM) and a revamping of their strategy need to take high priority. We have stated how OEMs, financial, and healthcare institutions are today giving their data filled products to non-compliant recyclers where the OEM tries to recover 5 cents on a dollar in selling the device that still can have data on it.
In this case with FirstEnergy of Ohio in the last week, it is reported that they disabled 6 million user accounts and will have all
The Zero Trust Security Model does include but is not just Multifactor Authentication and verifying the endpoint device. When cybersecurity assessors go to government agencies
Lately, I was examining a recent graph report about the number of aviation accidents relative to the 1990’s period of digitalization, and they revealed the following: Aviation incidents started to decline and continues to shrink to this day. And you can see on the same graph, that from the 1940s to the 1980s, accidents and incidents were on the rise. One could surmise that digital aviation systems and quality training do pay off.
After coming over from the Nuclear, Aviation and Education industry, I have found that senior engineers and executives think they are handling their enterprise data security according to their current policies and to the current regulations.
Among professionals, no one is closed mouth about the problem. I have discussed the use on non-compliant companies and personnel right with the End Customers, OEM Manufacturers and Service Companies providing the work. Oh yeah, they know they are in a tight spot and many do not know how to get out of this mess. In 2018 with GDPR and new government rules, non-compliant service companies are losing contracts right and left to compliant businesses. If your company has not lost your contracts, it is just a matter of time.
Unsecured Physical Security of Data Bearing Devices (DBDs) that hold thousands to millions of protected records for Health information (PHI), Personally Identifiable Information (PII), or Sensitive Personal Information (SPI) leaves many companies non-compliant.
Customer reports – including device tracking along with audit and reconciliation reports
Green reports – the client’s carbon footprint report
Certificates of Destruction – to confirm compliance with applicable regulations and industry standards
Patented process – the only of its kind in the industry
RFID tagging combined with proprietary software – we are not aware of any better
A training program that ensures business partner personnel adhere to strict protocol – you would be hard-pressed to find a vendor that takes such time and interest in its business partner.
Schedule a call at your convenience
We do a discovery and consulting meeting
We prepare a proposal
