CMMC

SafeLogic Delivers CryptoComply OpenSSL 3.0 FIPS Provider

Retrieved on: 
Monday, December 5, 2022
Cloud, Common Criteria, FedRAMP, OpenSSL, Internet, PALO, TLS 1.3, API, Software, Government, GA, TLS, United States Department of Defense, Transport Layer Security, FIPS, Transport layer, CMMC, APL, IOT, Organization, Cryptocurrency, Cargo, Online shopping

PALO ALTO, Calif., Dec. 5, 2022 /PRNewswire-PRWeb/ -- SafeLogic announced today the availability of CryptoComply OpenSSL 3.0 FIPS Provider, a new software product that allows organizations to deploy OpenSSL 3.0 and TLS 1.3 with a FIPS 140 validated cryptographic module. FIPS 140 validation is required for products containing cryptography to be used by government agencies. It is also required by security regulations including FedRAMP, Common Criteria, CyberSecurity Maturity Model Security (CMMC) 2.0, and DoD APL among others.

Key Points: 
  • PALO ALTO, Calif., Dec. 5, 2022 /PRNewswire-PRWeb/ -- SafeLogic announced today the availability of CryptoComply OpenSSL 3.0 FIPS Provider , a new software product that allows organizations to deploy OpenSSL 3.0 and TLS 1.3 with a FIPS 140 validated cryptographic module.
  • "SafeLogic's CryptoComply OpenSSL 3.0 FIPS Provider supports both OpenSSL 3.0 APIs and TLS 1.3 with a FIPS-validated encryption module."
  • CryptoComply OpenSSL 3.0 FIPS Provider has completed an Early Access program and is now Generally Available (GA).
  • Non-SafeLogic customers wanting to use OpenSSL 3.0 or TLS 1.3 with a FIPS validated cryptography module will also find CryptoComply OpenSSL 3.0 FIPS Provider a good option.

NextLabs is chosen by Bodycote and Herstal Group to accelerate IT transformation

Retrieved on: 
Monday, December 5, 2022
Trust, CMMC, Herstal Group, Collaboration, Agility, NextLabs, SAN, Bell–LaPadula model, Bodycote, Medical device, Online shopping

SAN MATEO, Calif., Dec. 5, 2022 /PRNewswire-PRWeb/ -- NextLabs today announced its selection by Bodycote and Herstal Group as the Zero Trust Data-Centric Security platform to transform their strategic IT initiatives. With the deployment of the NextLabs platform, the companies will be able to implement its next generation cybersecurity framework based on the zero-trust architecture and least privilege access principle to protect customer data, segregate and obfuscate sensitive information, and automate need-to-know access to safeguard product designs and project data.

Key Points: 
  • NextLabs' data centric security suite protects business-critical data and controls access to applications with real-time enforcement based on zero trust principle.
  • Bodycote and Herstal Group will deploy NextLabs solution globally, unifying their global IT infrastructure under the Zero Trust Architecture, ensuring sensitive information is protected throughout its lifecycle.
  • "NextLabs is proud to partner with Bodycote and Herstal Group to help realize their digital transformation endeavor," said Keng Lim, Founder and CEO of NextLabs.
  • NextLabs' solutions automate the enforcement of security controls and compliance policies to enable secure information sharing across the extended enterprise.

Medocity Elevates Its Security and Privacy Infrastructure with Successful Completion of HITRUST Certification and SOC 2® Type 2 Examination

Retrieved on: 
Monday, December 5, 2022
Trust, FedRAMP, American Institute, Certification, Process, PCI DSS, NIST Cybersecurity Framework, FFIEC, Policy, Security, GDPR, CCPA, ISO 27001, CISO, CPA, NIST, PCI, HITRUST, HIPAA, Patient, Software as a service, Privacy, GLBA, Implementation, ISO, Penetration test, SOC, AICPA, Confidentiality, Microsoft, CMMC, CSA, American Institute of Certified Public Accountants, FISMA, Title 21 CFR Part 11, SSPA, Certified Public Accountant, Medoc II, Organization, Audit, Medical device, Risk management

PARSIPPANY, N.J., Dec. 5, 2022 /PRNewswire-PRWeb/ -- Medocity Inc. has successfully completed its HITRUST Risk-based, 2 year (r2) Certification and System and Organizational Controls (SOC) 2® Type 2 examination on controls relevant to Security, Availability, and Confidentiality for its Virtual Care Platform Services system, a solution provided to pharmaceutical companies, health insurers, and hospital systems. Medocity has achieved HITRUST (r2) certification with the following regulatory factors, EU GDPR, 21 CFR Part 11, HIPAA, and CCPA. Furthermore, Medocity's platform, facilities, and supporting infrastructure were validated against the information protection program that is consistent with the objectives specified in NIST Cybersecurity Framework v1.1.

Key Points: 
  • To achieve its compliance goals, Medocity chose 360 Advanced, Inc., a licensed CPA firm, to perform the demanding third-party HITRUST assessment and SOC examination.
  • Medocity has achieved HITRUST (r2) certification with the following regulatory factors, EU GDPR, 21 CFR Part 11, HIPAA, and CCPA.
  • "The completion of the SOC 2 examination and HITRUST certification demonstrates Medocity's prioritization of, and commitment to, the security and privacy of our clients' data."
  • To achieve its compliance goals, Medocity chose 360 Advanced, Inc., a licensed CPA firm, to perform the demanding third-party HITRUST assessment and SOC examination.

Baltimore Cyber Range LLC Provides Department of Defense Mandated Cybersecurity Training

Retrieved on: 
Wednesday, November 30, 2022
BCR, Environment, U.S. Department of Defense Strategy for Operating in Cyberspace, CAMI, Multimedia, Department of Defense Cyber Crime Center, Knowledge, Student, Intrusion Countermeasures Electronics, Government, Security, CCP, Workforce, Information technology, Managed services, Maryland Department of Labor, MNS, Maryland Department of Commerce, Librarian of the Year Award, CMMC, DIB, United States Department of Defense, EARN, Weapon, Risk management

BALTIMORE, Nov. 30, 2022 /PRNewswire/ -- Baltimore Cyber Range LLC (Baltimore Cyber) has launched a new Cybersecurity Maturity Model Certification (CMMC) Certified Cyber Professional (CCP) training program for information technology professionals.

Key Points: 
  • BALTIMORE, Nov. 30, 2022 /PRNewswire/ -- Baltimore Cyber Range LLC (Baltimore Cyber) has launched a new Cybersecurity Maturity Model Certification (CMMC) Certified Cyber Professional (CCP) training program for information technology professionals.
  • The training addresses the Department of Defense (DoD) mandated cybersecurity assessments for all Defense Industrial Base (DIB) vendors.
  • Baltimore Cyber Range LLC has launched a new CMMC CCP training program for information technology professionals.
  • Founded in May 2017, Baltimore Cyber is the first facility in the world to utilize a cybersecurity range specifically dedicated to cybersecurity workforce development.

More than 87% of Pentagon Supply Chain Fails Basic Cybersecurity Minimums

Retrieved on: 
Wednesday, November 30, 2022
Internet, Security, Defense, Technology, Other Defense, Probability, DFARS, Department of Defence, Risk, DIB, United States Department of Defense, SPRS, Federal Acquisition Regulation, Merrill, CMMC, Risk management, Medical device, Defense

Critics of the system have anecdotally deemed 70 to be good enough, but the overwhelming majority of contractors still come up short.

Key Points: 
  • Critics of the system have anecdotally deemed 70 to be good enough, but the overwhelming majority of contractors still come up short.
  • The first ever comprehensive, independent study of the DIBs cybersecurity maturity was conducted by Merrill Research and commissioned by CyberSheath , the largest CMMC managed service vendor.
  • The DIB is the Pentagons supply chain, and we see how woefully unprepared contractors are despite being in threat actors crosshairs.
  • Our military secrets are not safe and there is an urgent need to improve the state of cybersecurity for this group, which often does not meet even the most basic cybersecurity requirements.

Kiteworks Releases Its 2023 Forecast for Managing Private Content Exposure Risk Report

Retrieved on: 
Wednesday, November 30, 2022
Privacy, Organization, SOC, Public sector, NIST, Risk, Risk management, General Data Protection Regulation, SOC 2, GDPR, Law enforcement, Numbering Resource Utilization/Forecast Report, Artificial intelligence, National Institute of Standards and Technology, Federal Information Processing Standards, CMMC, FIPS, ISO, Federal Information Security Management Act of 2002, PALO, CSF, Medical device

PALO ALTO, Calif., Nov. 30, 2022 (GLOBE NEWSWIRE) -- Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network , released its 2023 Forecast for Managing Private Content Exposure Risk Report that reveals 15 predictions for private content and sensitive content communications based on cybercrime, cybersecurity, and compliance insights.

Key Points: 
  • PALO ALTO, Calif., Nov. 30, 2022 (GLOBE NEWSWIRE) -- Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network , released its 2023 Forecast for Managing Private Content Exposure Risk Report that reveals 15 predictions for private content and sensitive content communications based on cybercrime, cybersecurity, and compliance insights.
  • Managing private content exposure risk is a crucial priority todayand one that is growing in scope.
  • Managing private content exposure risk poses a significant undertaking for IT, security, risk, and compliance leaders.
  • The Kiteworks platform provides customers with a Private Content Network that delivers content governance, compliance, and protection.

Summit 7 Becomes the First DIB-Focused Partner to Leverage Microsoft's Azure Government Secret for Classified Data

Retrieved on: 
Tuesday, November 29, 2022
Cloud, Azure, Aerospace, NIST, Summit, Trust, U.S. Department of Defense Strategy for Operating in Cyberspace, Secrecy, DFARS, ITAR, Government, CUI, Defense industrial base, CMMC, DIB, United States Department of Defense, Video game console, Defense, Microsoft

Ben Curry, Summit 7 CTO, stated, "Azure Government Secret provides our customers the much-needed ability to host classified data in Microsoft's Secret cloud, therefore leveraging the Microsoft cloud technologies that they already know and trust.

Key Points: 
  • Ben Curry, Summit 7 CTO, stated, "Azure Government Secret provides our customers the much-needed ability to host classified data in Microsoft's Secret cloud, therefore leveraging the Microsoft cloud technologies that they already know and trust.
  • Leveraging Azure to build solutions for our customers is what we do best, and this addition directly impacts the portfolio and future offerings of Summit 7."
  • Microsoft's Azure Government Secret will allow government customers and partners to handle US Secret classified workloads and classified secret-level data.
  • Summit 7 has acquired over 700 clients in the Defense Industrial Base, many of which need have needed Azure Government to protect CUI, ITAR, and other sensitive data.

HawkEye 360 Transitions to AWS GovCloud to Better Support Government Customers

Retrieved on: 
Tuesday, November 29, 2022
Automatic identification system, Multimedia, Kate, AIS, Government, DFARS, ITAR, Amazon Web Services, AWS, Defense, Mining, CMMC, RF, Intelligence, FedRAMP, HawkEye 360, Hawk-Eye, PST, Medical imaging, Communications satellite, Engineering

HERNDON, Va., Nov. 29, 2022 /PRNewswire/ -- HawkEye 360 Inc., a leading commercial provider of space-based radio frequency (RF) data and analytics, today announced the transition from Amazon Web Services (AWS) commercial services to AWS GovCloud (US) as a foundational element of their overall approach to protecting sensitive and controlled data. AWS GovCloud (US) is designed to host sensitive data, regulate workloads, and address stringent U.S. government security and compliance requirements.

Key Points: 
  • AWS GovCloud (US) is designed to host sensitive data, regulate workloads, and address stringent U.S. government security and compliance requirements.
  • "Our AWS GovCloud (US) migration is a significant milestone for HawkEye 360.
  • The move to AWS GovCloud (US) facilitates the development and delivery of export-controlled products and services and demonstrates to our customers the security and integrity of our data and analytics,"said HawkEye 360 Vice President of Engineering, Chris Gregory.
  • HawkEye 360 also developed a data lake architecture that uses AWS GovCloud (US) to streamline data discovery and mining through a common data catalog.

stackArmor Supports Forcepoint Expansion of Its Cloud Service Offerings by Adding CASB, ZTNA and SWG to FedRAMP Authorization

Retrieved on: 
Wednesday, November 16, 2022
Security, White House, Federal Government, Technology, Public Policy, Government, Software, Cloud, Federation, Federal Information Security Management Act of 2002, Bell–LaPadula model, Health, DLP, Security Service, Secure, Government, NIST, Stop loss, National Institute of Standards and Technology, SWG, FISMA, SSE, CMMC, Federal Information Security Modernization Act of 2014, SASE, Commercial software, FedRAMP, ZTNA, Inc., AWS, Education, Cloud access security broker, Public sector, Theft, CASB, Medical device, Risk management, Forcepoint

FedRAMP promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.

Key Points: 
  • FedRAMP promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.
  • stackArmor, Inc. has continued to support Forcepoint through their FedRAMP journey from initial authorization through the FedRAMP significant change and annual assessment process for Forcepoint ONE.
  • The stackArmor team has consistently delivered trusted expertise and strategic agility in support of the Forcepoint FedRAMP program.
  • This included supporting our accelerated time-to-market of our Forcepoint ONE Security Service Edge (SSE) offering for regulated industries, said Petko Stoyanov, Global Chief Technology Officer at Forcepoint.

Kompleye Becomes an Authorized CMMC Third Party Assessment Organization (C3PAO)

Retrieved on: 
Thursday, November 24, 2022
Government Technology, Security, Defense, Technology, Contracts, Accreditation, Defense industry of Japan, OSCE Representative on Freedom of the Media, FISMA, RMF, AICPA, Federal Information Security Management Act of 2002, NIST, FedRAMP, TSC, ISO, Organization, Certification, CMMC, Audit, Government Technology, Security, Defense, Technology, Contracts

Kompleye Attestation LLC, is pleased to join the ranks of a handful of organizations who have received Cyber-ABs official accreditation to certify government contractors and commercial companies with CMMC compliance.

Key Points: 
  • Kompleye Attestation LLC, is pleased to join the ranks of a handful of organizations who have received Cyber-ABs official accreditation to certify government contractors and commercial companies with CMMC compliance.
  • Kompleyes specialized team of CMMC experts are uniquely qualified to serve clients who wish to immediately start with CMMC (level 2) assessments towards the goal of receiving a CMMC certification and gaining a competitive advantage in winning new business.
  • As CMMC becomes the choice for the Defense Industrial Base handling sensitive data, Kompleye offers a unique ability to test and certify OSCs and other solutions providers for U.S. regulatory compliance."
  • Kompleye is a rapidly growing cybersecurity and compliance audit firm with its global headquarters located in Reston, Virginia in the United States.