Security Technical Implementation Guide

Velo3D Sapphire Printers Become the First Metal 3D Printers to Achieve the U.S. Department of Defense’s Green-level STIG Compliance

Retrieved on: 
Tuesday, December 5, 2023
Technology, Military, Other Manufacturing, Steel, Semiconductor, Engineering, Satellite, Government Technology, Automotive Manufacturing, Other Defense, Aerospace, Nanotechnology, Manufacturing, Software, Defense, Hardware, Consumer Electronics, NYSE, SIPRNet, Federation, VLD, NIPRNet, Risk, Blog, Multimedia, Information technology, Security Technical Implementation Guide, ITAR, 3D, Government, Certification, 3D printing, Sapphire

The certification allows Sapphire printers to be connected to the DoD’s Secret Internet Protocol Router Network (SIPRNet) and gives customers the confidence their metal 3D printers are hardened against potential cyberattacks.

Key Points: 
  • The certification allows Sapphire printers to be connected to the DoD’s Secret Internet Protocol Router Network (SIPRNet) and gives customers the confidence their metal 3D printers are hardened against potential cyberattacks.
  • Velo3D printers are compliant with the U.S. Department of Defense’s STIG cybersecurity guidelines, giving customers the confidence their additive manufacturing technology is hardened against cyberattacks and other vulnerabilities.
  • Without STIG compliance, government agencies and contractors using metal 3D printers were required to keep them disconnected from network connections.
  • Current Velo3D customers can easily upgrade their existing Sapphire printers to achieve STIG Green-level security.

Eventide Communications' NexLog DX-FIPS Recorders Achieve JITC Certification

Retrieved on: 
Tuesday, November 14, 2023
DISA, Joint, Defense Information Systems Agency, JITC, Radio, Learning, Multimedia, Security Technical Implementation Guide, Joint Interoperability Test Command, Communication, Eventide, Government, NIST, Certification, Medical device, Defense

"The JITC certification is a testament to our unwavering commitment to delivering secure, reliable, and cutting-edge solutions that meet the highest industry standards," said Brad Basile, COO of Eventide Communications.

Key Points: 
  • "The JITC certification is a testament to our unwavering commitment to delivering secure, reliable, and cutting-edge solutions that meet the highest industry standards," said Brad Basile, COO of Eventide Communications.
  • "Our NexLog DX-FIPS recorders not only meet, but exceed the stringent guidelines set by NIST and the various applicable Security Technical Implementation Guides (STIGs) within."
  • Our JITC-approved recorders are designed with military-grade security and reliability to provide clear, reliable audio capture and advanced data management capabilities.
  • If you are interested in learning more about the advantages of implementing JITC-certified recorders, please visit our JITC landing page or contact our Eventide sales team to request a demo today.

SteelCloud Delivers Cyber Compliance Software to a NATO Ministry of Defense

Retrieved on: 
Wednesday, November 1, 2023
Linux, CIS, Stig, DISA, Defense Information Systems Agency, Defense, United States Department of Defense, Security Technical Implementation Guide, Software, STIG, Medical device, Arms industry

ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software. This is the first expansion of the implementation of ConfigOS into a European defense organization.

Key Points: 
  • ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC , a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software.
  • This is the first expansion of the implementation of ConfigOS into a European defense organization.
  • "The STIGs are the gold standard for cyber hygiene in military computer infrastructures," said Brian Hajost, SteelCloud Chief Operating Officer.
  • The ConfigOS compliance software suite will address hardening and continuous compliance for both Windows and Linux-based computer assets.

SteelCloud Delivers Cyber Compliance Software to a NATO Ministry of Defense

Retrieved on: 
Wednesday, November 1, 2023
Linux, CIS, Stig, DISA, Defense Information Systems Agency, Defense, United States Department of Defense, Security Technical Implementation Guide, Software, STIG, Medical device, Arms industry

ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software. This is the first expansion of the implementation of ConfigOS into a European defense organization.

Key Points: 
  • ASHBURN, Va., Nov. 1, 2023 /PRNewswire/ -- SteelCloud LLC , a leading STIG and CIS compliance automation software developer, announced today that a NATO Ministry of Defense has licensed its ConfigOS STIG compliance automation software.
  • This is the first expansion of the implementation of ConfigOS into a European defense organization.
  • "The STIGs are the gold standard for cyber hygiene in military computer infrastructures," said Brian Hajost, SteelCloud Chief Operating Officer.
  • The ConfigOS compliance software suite will address hardening and continuous compliance for both Windows and Linux-based computer assets.

HITRUST Assurance Program Selected by Health3PT in Alignment with Recommended Practices

Retrieved on: 
Tuesday, September 19, 2023
Security Technical Implementation Guide, PDF, API, Health, R2, Privacy, Information, HITRUST, Organization, Risk, RDS, UPMC, Medical device, Audit, Risk management, Online shopping

FRISCO, Texas, Sept. 19, 2023 /PRNewswire/ -- HITRUST, the information risk management, standards, and certification body, announced that the Health 3rd Party Trust Initiative (Health3PT) has approved HITRUST as the first assurance supplier supporting the Health3PT Recommended Practices & Implementation Guide. The selection of HITRUST is based on HITRUST's alignment with Health3PT's recommended practices for the healthcare industry to meet the challenges of Third-Party Risk Management (TPRM) for vendor cyber risk.

Key Points: 
  • The selection of HITRUST is based on HITRUST's alignment with Health3PT's recommended practices for the healthcare industry to meet the challenges of Third-Party Risk Management (TPRM) for vendor cyber risk.
  • The Health3PT Recommended Practices were created through the collaborative efforts of members of the Health3PT Council.
  • The HITRUST assurance program is designed to efficiently meet the TPRM needs of organizations in the healthcare industry.
  • "The Health3PT Recommended Practices and the HITRUST assurance program together help the healthcare industry better address 3rd party cyber risk.

Agile Defense's DuroSuite Receives Authority to Operate

Retrieved on: 
Thursday, September 7, 2023
Security Technical Implementation Guide, Defense, API, ARCENT, STIG, GUI, SAP Graphical User Interface, Red Hat, DISA, Artifact, Department of Defence, Defense Information Systems Agency, Medical device

RESTON, Va., Sept. 7, 2023 /PRNewswire/ -- Agile Defense, an innovative IT services and solutions provider, announced today that its Security Technical Implementation Guide (STIG) compliance tool DuroSuite, received an official authority to operate (ATO).

Key Points: 
  • RESTON, Va., Sept. 7, 2023 /PRNewswire/ -- Agile Defense, an innovative IT services and solutions provider, announced today that its Security Technical Implementation Guide (STIG) compliance tool DuroSuite, received an official authority to operate (ATO).
  • DuroSuite enables users to audit and remediate vulnerabilities to ensure cybersecurity standards are maintained in accordance with Defense Information Systems Agency (DISA) requirements.
  • DuroSuite also generates eMASS-ready checklist artifacts within minutes, overall synthesizing hours of complex work into a streamlined, repeatable process.
  • "DuroSuite accomplishes in minutes what it would take an individual over 60-man hours to accomplish," said Agile Defense customer ARCENT ITSS.

U.S. Army Selects BackBox to Automate Multi-Vendor Network Environment

Retrieved on: 
Tuesday, August 29, 2023
Benchmark, Stig, Defense, OS, BackBox, Intelligence, Automation, STIG, Government, Security, Network administrator, Security Technical Implementation Guide, United States Department of the Army, DISA, United States Department of the Air Force, SIPR, NIPR, Department of Defence, Defense Information Systems Agency, Medical device, Mobile phone, DALLAS

DALLAS, Aug. 29, 2023 /PRNewswire/ -- BackBox, the world's most trusted network automation company, today announced the U.S. Army selected BackBox's Network Automation Platform to automate Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) compliance of their multivendor network environment. BackBox integrates with all major network monitoring platforms and has added new features to enable customers to easily migrate from less sophisticated network automation tools to BackBox.

Key Points: 
  • BackBox automates DISA STIG compliance, saving network administrators from more than 90 manual configuration steps
    DALLAS, Aug. 29, 2023 /PRNewswire/ -- BackBox , the world's most trusted network automation company, today announced the U.S. Army selected BackBox's Network Automation Platform to automate Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) compliance of their multivendor network environment.
  • BackBox integrates with all major network monitoring platforms and has added new features to enable customers to easily migrate from less sophisticated network automation tools to BackBox.
  • The BackBox Network Automation Platform supports centralized automation of firewalls and network devices from hundreds of vendors.
  • BackBox was named Best Network Automation Solution in the Centralized Multi Vendor category in the 2022 'ASTORS' Homeland Security Awards.

BARR Advisory Releases Exclusive Resources on Healthcare Compliance

Retrieved on: 
Tuesday, August 15, 2023
Security Technical Implementation Guide, Partnership, ISO/IEC, R2, BARR, SOC, Certification, HITRUST, Organization, Standards and Recommended Practices, SOC 2, Growth, CSF, Medical device, Audit, Financial services, Risk management

KANSAS CITY, Mo., Aug. 15, 2023 /PRNewswire/ -- BARR Advisory has released a pair of exclusive resources for healthcare organizations aiming to improve their security postures and better manage third-party risk.

Key Points: 
  • The cybersecurity and compliance solutions firm dives deep into HITRUST assessments and the partnership between HITRUST and Health3PT in a series of new, exclusive resources.
  • KANSAS CITY, Mo., Aug. 15, 2023 /PRNewswire/ -- BARR Advisory has released a pair of exclusive resources for healthcare organizations aiming to improve their security postures and better manage third-party risk.
  • "Regardless of where your organization is in its HITRUST journey, our team at BARR Advisory is ready to help."
  • Steve Ryan, BARR's attest services manager specializing in healthcare compliance, echoes that sentiment in the latest installment of the firm's cyBARR Chats series.

Health3PT Releases Blueprint for Third Party Risk Management to Fix the Ineffective Cyber Risk Assessment Process for the Healthcare Industry

Retrieved on: 
Thursday, July 27, 2023
Accountability Act, Security Technical Implementation Guide, Initiative, Health, Risk management, Directory, Certification, Implementation, HITRUST, Organization, Health Insurance Portability and Accountability Act, CFO, PHI, CIO, UPMC, Letter, HIPAA, Fatigue, Online shopping, Audit, Privacy

FRISCO, Texas, July 27, 2023 /PRNewswire/ -- The Health 3rd Party Trust (Health3PT) Initiative today announced the release of the Health3PT Recommended Practices & Implementation Guide, a key deliverable in its mission to solve the third party cyber risk problem in the healthcare industry. The Health3PT Recommended Practices & Implementation Guide is the result of collaboration among a council representing the nation's leading healthcare organizations and provides an instructional framework of actionable steps organizations can take to ensure due diligence and due care throughout the healthcare ecosystem—while improving effectiveness, reducing inefficiencies, and leading the way for standardization in Third-Party Risk Management (TPRM).

Key Points: 
  • An industry survey conducted by Health3PT confirms the challenges facing current healthcare TPRM processes and reveals that both covered entities and vendors are overwhelmed.
  • Sixty-eight percent of covered entities and 79% of vendors believe the current TPRM process is inefficient.
  • The survey was conducted in coordination with the Health3PT Third Party Risk Virtual Summit, an industry-wide virtual event held on June 7, 2023.
  • Download the Health3PT Recommended Practices & Implementation Guide and the Health3PT "The State of Healthcare Third Party Cyber Risk Management" Survey: https://health3pt.org/resources
    Access the Health3PT Vendor Directory: https://health3pt.org/vendor-directory
    Register to attend the Health3PT Vendor Risk Management Summit, October 2, 2023 in Grapevine, TX: https://info.health3pt.org/health3pt-summit-registration-october
    To join the Health3PT Initiative and for more details, visit: https://health3pt.org

Government of Canada Announces $2.5 million for Projects to Improve Mental Health Supports for Indigenous Peoples

Retrieved on: 
Friday, July 21, 2023
Knowledge, Security Technical Implementation Guide, Partnership, Discrimination, Treasury Board of Canada, The Honourable, Face, Racism, Racism by country, Safety, COVID-19, Treasury Board of Canada Secretariat, Mental health, DSM-IV codes, Minister of Health (Canada), Indigenous peoples, Health system, First Nations, Government, Organization, Dutch Association of Mental Health and Addiction Care, Hope, Mental, Risk, Indigenous peoples in Canada, Indigenous self-government in Canada, Addiction, Health Canada, Woman, Nursing, Pharmaceutical industry, Health

Today, the Honourable Mona Fortier, President of the Treasury Board, on behalf of the Honourable Jean-Yves Duclos, Minister of Health, and the Honourable Carolyn Bennett, Minister of Mental Health and Addictions and Associate Minister of Health, announced $2.5 million for two projects led by the First Peoples Wellness Circle (FPWC) that focus on mental health supports for Indigenous Peoples.

Key Points: 
  • Today, the Honourable Mona Fortier, President of the Treasury Board, on behalf of the Honourable Jean-Yves Duclos, Minister of Health, and the Honourable Carolyn Bennett, Minister of Mental Health and Addictions and Associate Minister of Health, announced $2.5 million for two projects led by the First Peoples Wellness Circle (FPWC) that focus on mental health supports for Indigenous Peoples.
  • " FPWC will increase the number of mental health professionals in New Brunswick to provide culturally safe and inclusive mental health services and evaluation tools for First Nations populations.
  • "Indigenous Peoples in Canada are at a higher risk of experiencing mental illness, and face unacceptable intersecting barriers in accessing mental health services and supports.
  • The Supporting the Mental Health of Those Most Affected by COVID-19 investment of $100 million was announced in Budget 2021 to support projects that promote mental health and prevent mental illness in populations whose mental health was most affected by COVID-19, including Indigenous Peoples.