DFARS 252.204-7012: Terms to know
DFARS 252.204-7012 requires that, as a DoD contractor, your organization and your subcontractors must obtain certification of compliance. The deadline has now passed to meet DFARS compliance rules that put cybersecurity safeguards on what the U.S. government calls 'controlled unclassified [...]
8 early warning signs of IT disaster
I am flattered to have provided input for a story by an author whose work I have read for years. His name is Dan Tynan, and he wrote “8 early warning signs of IT disasters” for CIO Magazine. Here is [...]
Imran Awan case shows lax security controls for Congressional IT staff
By Kevin McDonald Investigations into the conduct of the IT staff of the House of Representatives raised alarms. Kevin McDonald explains what we can learn from the case of Imran Awan. Those who operate with high-level system access, [...]
GDPR: The Regulatory Iceberg of 2018
You're heading into dangerous waters. On May 25, 2018, the European Union (EU) General Data Protection Regulation (GDPR) goes into full effect, and it will almost certainly affect you. If you are not compliant with the GDPR by this date, you could [...]
Average Ransomware Attack Infects 16 Workstations, 5 Servers and 22 Users
Midmarket firms are getting hit hardest by ransomware. Data from 2017 shows that 29% of the companies with 1,000 to 5,000 employees are getting struck by ransomware. If companies that size—who presumably have the resources to guard against this scourge—are [...]
What can my cloud provider do with my data?
Take a moment from your day and pull out the last three or four cloud services agreements your company has entered into. Now, highlight the provisions in those agreements that specifically define how the vendor may use your data. You [...]
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
