About
A Certified Information Systems Security Professional (CISSP), Certified in Risk and…
Activity
3K followers
-
Erik Avakian reposted thisErik Avakian reposted this"Organizations want the CISO to be Superman," said Erik Avakian, technical counselor at Info-Tech Research Group. A new report from Cybersecurity Ventures and Sophos points to a global CISO shortage, but the reality may be more about unrealistic job expectations and burnout than a simple lack of talent. Thanks to Chase Snuffer of Rayburn Electric Cooperative, Scott Sanders of Sikich, Chris Drumgoole of DXC Technology and Erik Avakian of Info-Tech Research Group. https://lnkd.in/e8-fU-cg TechTarget #Cybersecurity #CISO #ITSkills #CybersecurityTalent #CIOCISO shortage may reflect unrealistic job expectations | TechTargetCISO shortage may reflect unrealistic job expectations | TechTarget
-
Erik Avakian shared thisProxy servers are often treated as a simple add on, but in reality they function as a critical control point across security, performance, and data access. When implemented effectively, proxies help protect infrastructure, manage traffic, and enable controlled data collection. When not, they can introduce risk, complexity, and even become a single point of failure. The key difference comes down to intent and governance. Are proxies being deployed with a clear purpose and oversight, or simply as a workaround for specific use cases? Thanks to Joe Supan and CNET for highlighting where proxy servers deliver real value and where organizations need to be cautious. Read more here: https://lnkd.in/gT4HH6Vu Info-Tech Research Group
-
Erik Avakian reposted thisErik Avakian reposted thisAI is making its way into web browsers, and Mozilla is giving users more control over how it shows up. Firefox’s latest update goes live on desktops on Feb. 24, introducing new AI features with the option to turn them off. In CNET’s latest article, Erik Avakian, Technical Counselor at Info-Tech Research Group, explains why this approach matters for privacy, security, and trust as AI becomes more embedded in everyday tools. Read more here: https://lnkd.in/gqTNu-gQ Article written by: Julian Dossett #ArtificialIntelligence #AI #Privacy #CyberSecurity #DigitalTrust #WebBrowsersFirefox Has New AI Features. Here's How to Disable ThemFirefox Has New AI Features. Here's How to Disable Them
-
Erik Avakian shared thisAs enterprises push AI from experimentation into production, I keep seeing the same issue: compliance is mistaken for resilience. Frameworks like NIST are valuable, but having a policy isn’t the same as proving it works. Too often, organizations rely on checkbox compliance and self-assessments without testing whether their data, systems, and recovery plans actually hold up under real-world disruption. AI raises the stakes. When models operate on poorly governed, unrecoverable, or untested data, failures don’t always show up as errors; they show up as confidently wrong decisions. If we want AI we can trust, we have to measure resilience, not just declare it. Thanks to Paul Gillin and SiliconANGLE & theCUBE for highlighting this issue in their latest article. Read more here: https://lnkd.in/eb2rNVjPThe biggest AI bottleneck isn’t GPUs. It's data resilience - SiliconANGLEThe biggest AI bottleneck isn’t GPUs. It's data resilience - SiliconANGLE
-
Erik Avakian reposted thisErik Avakian reposted thisMicrosoft flips the security script with “In Scope by Default.” This is a significant move for a company of Microsoft’s scale, says my colleague, Erik Avakian. By backing the new default-inclusion policy with process and governance, Microsoft is aligning its bounty program to match how today’s attacks actually unfold — across complex, interconnected systems rather than neat product boundaries. Read the full article: https://ow.ly/QBUI30sSp5l #Cybersecurity #MicrosoftMicrosoft flips security script: ‘In scope by default’ makes all vulnerabilities fair game for bug bountiesMicrosoft flips security script: ‘In scope by default’ makes all vulnerabilities fair game for bug bounties
-
Erik Avakian reposted thisErik Avakian reposted thisAs Amazon’s Ring partners with Flock Safety, enabling law enforcement to more easily request user footage, new concerns emerge around privacy and public trust. In CNET's latest feature, Erik Avakian, Technical Counselor at Info-Tech Research Group shares how strong governance and privacy safeguards can balance innovation with accountability. Read more here: https://lnkd.in/ge8b-4dt Article written by: Omar L. Gallaga #Cybersecurity #Privacy #PublicTrust #CNET #AmazonAmazon's Ring Cameras Push Deeper Into Police and Government SurveillanceAmazon's Ring Cameras Push Deeper Into Police and Government Surveillance
-
Erik Avakian shared thisExcited to share my insights on the evolving role of generative AI in cybersecurity, now published in InformationWeek! Generative AI is transforming threat detection, response strategies, and security operations at scale, but it also brings unique challenges around data protection and ethical AI usage. Check out the full article to explore how GenAI is reshaping the cybersecurity landscape and the proactive steps organizations can take to stay secure in this new era: https://lnkd.in/eZ6iapBK #Cybersecurity #GenerativeAI #AIinSecurity #Info-Tech Research Group #Lisa Morgan, CeM, J.D.
-
Erik Avakian reposted thisErik Avakian reposted thisThe "Exponential IT" (eIT) thought model is by far by favorite piece of thought leadership to come out of Info-Tech Research Group. The technology curve has increased "exponentially" over the last year in such a way that if you ran your IT shop the same way that you did "yesterday", you'll quickly get left behind. Have a look at our new eIT research center for practical advice around strategy, vendor management, I&O, apps, data, people, and more to help manage what's coming at us fast: https://lnkd.in/gWVEvZNG #technology #digital #artificialintelligence #digitaltransformation #informationsecurity
-
Erik Avakian shared thisErik Avakian shared thisPrepare for Post-Quantum Cryptography It is closer than you think, and you need to act now. I have recently authored a research blueprint titled "Prepare for Post-Quantum Cryptography" to help organizations transform to quantum-resistant encryption. Key Insight The advent of quantum computing is closer than you think: some nations have already demonstrated capability with the potential to break current asymmetric-key encryption. Traditional encryption methods will no longer provide sufficient protection. You need to act now to begin your transformation to quantum-resistant encryption. Current Situation -Fault-tolerant quantum computers, capable of breaking existing encryption algorithms and cryptographic systems, are widely expected to be available sooner than originally projected. -Data considered secure today may already be at risk due to the threat of harvest-now-decrypt-later schemes. -Many current security controls will be completely useless, including today's strongest encryption techniques. Impact and Action -Developing quantum-resistant cryptography capabilities is crucial to maintaining data security and integrity for critical applications. -Organizations need to act now to begin their transformation to quantum-resistant encryption. -Data security (especially for sensitive data) should be an organization’s top priority. Organizations with particularly critical information need to be on top of this quantum movement. Huge thanks to Adib Carl Ghubril, Erik Avakian, CISSP, CRISC, CISA, CISM, CGCIO, ITILv3, Alaisdar Graham, Carlos Rivera, Hendra T. Hendrawan, and Fritz Y. Jean Louis for their contribution to this blueprint! Please review the blueprint for details. Here is the link: https://lnkd.in/ggbv94Tm
-
Erik Avakian liked thisErik Avakian liked this"Organizations want the CISO to be Superman," said Erik Avakian, technical counselor at Info-Tech Research Group. A new report from Cybersecurity Ventures and Sophos points to a global CISO shortage, but the reality may be more about unrealistic job expectations and burnout than a simple lack of talent. Thanks to Chase Snuffer of Rayburn Electric Cooperative, Scott Sanders of Sikich, Chris Drumgoole of DXC Technology and Erik Avakian of Info-Tech Research Group. https://lnkd.in/e8-fU-cg TechTarget #Cybersecurity #CISO #ITSkills #CybersecurityTalent #CIOCISO shortage may reflect unrealistic job expectations | TechTargetCISO shortage may reflect unrealistic job expectations | TechTarget
-
Erik Avakian reacted on thisErik Avakian reacted on thisI have always loved trivia and today I get to test my mettle on the biggest trivia stage in the world. It airs tonight, May 5! I won’t spoil anything but it was a lot of fun. Oh and if you’re new here, please check out the tik tok I’m regularly featured on! https://lnkd.in/druRWZNX
-
Erik Avakian reacted on thisErik Avakian reacted on thisMy friend and colleague Jeremy Roberts will be on #Jeopardy tonight! Check your local listings (do we still have local listings??) for times! Best 22 minutes of television you're going to watch this week!! If you see Jeremy in the wild - ask him about the app our friend Felix Schmidt coded for him to help him prepare. We all found out about Jeremy's good news the night Info-Tech Research Group closed out our #ITRGLIVE! conference in NOLA, and before Felix got on the plane the next morning he'd shipped version 1, by the time he got off the plane he'd uploaded version 2! Good luck Mr. Roberts!! https://lnkd.in/eyR9HNpcFrom fan to contestant: Midhurst man lands coveted spot on Jeopardy!From fan to contestant: Midhurst man lands coveted spot on Jeopardy!
-
Erik Avakian liked thisErik Avakian liked thisToday, our team participated in Government Innovation Pennsylvania, joining public sector leaders to discuss how the Commonwealth is shaping Pennsylvania’s digital landscape to deliver more effective services and support thriving communities. We were proud to contribute to conversations focused on: - Connecting business and IT goals through Reimagine PA to turn strategy into measurable results - Building human-centered and accessible digital services through CODE PA - Strengthening cybersecurity through a unified, proactive enterprise strategy These discussions reflect OA’s mission to support commonwealth employees, improve outcomes, reduce costs, and enhance customer service across state agencies. Thank you to our OA and commonwealth colleagues who shared their expertise today, including Robyne Roberts Lyons, Eric Cole, Sara Hall, Andy Ritter, and partners across our agency teams. Together, we are transforming how government works for the people of Pennsylvania. #GovernmentInnovation #Pennsylvania #DigitalGovernment #PublicService #Cybersecurity #HumanCenteredDesign #Innovation #GovTech #CivicTech
-
Erik Avakian liked thisErik Avakian liked thisFlight's booked, hotel's reserved, and event confirmation email received. I'm officially all signed up and ready to attend our big annual event in Vegas!! Don’t miss the must-attend event for technology leaders in 2026. Info-Tech’s LIVE 2026 conference goes beyond the buzzwords—exploring how Agentic IT drives measurable impact, fuels innovation, and transforms the enterprise. LIVE is taking place on June 9–11 at The Bellagio, Las Vegas. Register here: https://ow.ly/uWo850YUIRe #InfoTechLIVE #TechEvents #Conference
-
Erik Avakian liked thisErik Avakian liked thisAt NASCIO Midyear, the keynote from Andrea Hollingsworth challenged us to lead from within. By uplifting ourselves and learning to channel our inner critic into something more constructive. In times of change, that voice can either limit us or sharpen us. Let it be the tool that sharpens you.
-
Erik Avakian liked thisErik Avakian liked thisService creates legacy, and this month, we celebrated both! At our Years of Service Recognition ceremony, we honored team members reaching 10 to 25 years with the Commonwealth of Pennsylvania. Every day, they show up committed to making our workplace stronger and our services better. To our honorees: your dedication does not go unnoticed. Thank you for all you’ve built,and continue to build. Join us in recognizing their achievements! 🎉 J Stanton - 40 years of service 🎉 Mindy Maneri - 25 years of service 🎉 Amy Butler - 25 years of service 🎉 William Greene - 25 years of service 🎉 Heather Hartman - 20 years of service 🎉 TJ Bryan - 20 years of service 🎉 Jessica Passiment - 10 years of service 🎉 Mildred 'Tascha' Lego - 10 years of service #EmployeeRecognition #PublicService #WorkforceMatters #EmployeeEngagement #GovernmentInnovation #PAEmployees #ServiceLeadership
Experience
-
-
-
-
-
-
-
-
-
-
-
Education
Licenses & Certifications
Publications
-
Featured - Routefifty.com Interview
www.routefifty.com
See publicationPa.’s Cybersecurity Team Is ‘Talking About Projects That Actually Enable the Business’
-
Featured - Cybersecurity: Lessons from 5 States
www.govtech.com
See publicationWith protection from cyberthreats an ever-present concern for IT leaders at all levels, five states presented their approaches at NASCIO's annual conference in Austin.
-
Featured - NASCIO 2017: State IT Experts Explore the Human Side of Cybersecurity
statetechmagazine.com
See publicationSecurity technology is important, but states show how people can be your biggest asset in protecting your organization and preventing attacks.
-
Featured - Cybersecurity Made Simple
SC Magazine
See publicationIn a world of ever-increasingly complex technologies, some experts advocate a move to simplify.
-
Featured - Pennsylvania CISO Erik Avakian is Developing Strategies to Improve Security for All States
Government Technology Magazine
See publicationAs chief information security officer for the state, Avakian is aligning with nationwide security initiatives, putting them in place to build momentum at the state level.
-
Featured - State Implementation of Act and Adjust (Webcast) : A Call to Action for Governors for Cybersecurity
National Governors Association
See publication(Webcast) The increasing frequency of cyber-attacks and the discovery of exploitable vulnerabilities affecting federal, state and personal systems reinforces the message of the NGA Center for Best Practices’ Act and Adjust: A Call to Action for Governors for Cybersecurity. The webcast provided different state perspectives on how they have begun or plan to adopt the recommendations of The Call to Action. Additionally, the webcast highlighted how different states allocate responsibility for…
(Webcast) The increasing frequency of cyber-attacks and the discovery of exploitable vulnerabilities affecting federal, state and personal systems reinforces the message of the NGA Center for Best Practices’ Act and Adjust: A Call to Action for Governors for Cybersecurity. The webcast provided different state perspectives on how they have begun or plan to adopt the recommendations of The Call to Action. Additionally, the webcast highlighted how different states allocate responsibility for cybersecurity among individuals and agencies.
Panelists
Erik Avakian, chief information security officer, Pennsylvania
David Cagigal, chief information officer, Wisconsin
Mark Ghilarducci, director, Governor’s Office of Emergency Services, California
Sanjeev “Sonny” Bhagowalia, chief advisor on technology and cybersecurity, Hawaii
-
Pennsylvania Cyber Leaders Share Insights
Dan Lohrmann / govtech.com
See publicationIn 2014, that Pennsylvania leadership continues in the area of cybersecurity, and this blog will let you hear the latest executive insights in an interview format with their top government leaders. From identity management to scanning Web applications for vulnerabilities to building a new collaboration portal, Pennsylvania has become a global leader in deploying new technology that benefits government services.
-
StateScoopTV Interview: Erik Avakian, CISO, PA
StateScoopTV
See publicationPennsylvania Chief Information Security Officer Erik Avakian discusses the latest in cyber security trends in this interview with StateScoopTV.
-
StateScoopTV Interview: Erik Avakian, CISO, PA
StateScoopTV
See publicationErik Avakian, Chief Information Security Officer, Pennsylvania, discusses issues around cloud computing, including "free" services, legal hurdles, terms, pilots and vendor partnerships.
-
Podcast - How government agencies can ensure security of websites
Federal News Radio
See publicationThe National Strategy for Trusted Identities is paving the way for government websites to ensure online visitors are who they say they are. Erik Avakian, chief information security officer of Pennsylvania, told Federal Drive with Tom Temin how the program began and how it promotes security.
Honors & Awards
-
2018 StateScoop 50 Awards - State Cybersecurity Leader
StateScoop
2018 StateScoop 50 Awards - State Cybersecurity Leader
State Cybersecurity Leader - The state leader who demonstrates a passion and focus on keeping systems secure and thinking about security in the big picture of state IT
The StateScoop 50 Awards annually honor the best and the brightest who make state and local government more efficient and effective. These awards allow us to celebrate the outstanding achievements of our peers and acknowledge their tireless efforts to make a…2018 StateScoop 50 Awards - State Cybersecurity Leader
State Cybersecurity Leader - The state leader who demonstrates a passion and focus on keeping systems secure and thinking about security in the big picture of state IT
The StateScoop 50 Awards annually honor the best and the brightest who make state and local government more efficient and effective. These awards allow us to celebrate the outstanding achievements of our peers and acknowledge their tireless efforts to make a positive impact in the government IT community and in public service.
-
Honor/Award Recipient - 2017 Thomas M. Jarrett Cybersecurity Scholarship
National Association of State Chief Information Officers (NASCIO)
http://statescoop.com/nascio-announces-new-president-honors-standout-innovators-in-2017
The National Association of State Chief Information Officers (NASCIO) has awarded the Thomas M. Jarrett Cybersecurity Scholarship to exceptional state Chief Information Security Officers (CISO) for the 2017 Annual Conference in Austin. This is the fifth year for the scholarship program, which was created to pay homage to Thomas M. Jarrett, past president of NASCIO (2004 - 2005), for his passion for…http://statescoop.com/nascio-announces-new-president-honors-standout-innovators-in-2017
The National Association of State Chief Information Officers (NASCIO) has awarded the Thomas M. Jarrett Cybersecurity Scholarship to exceptional state Chief Information Security Officers (CISO) for the 2017 Annual Conference in Austin. This is the fifth year for the scholarship program, which was created to pay homage to Thomas M. Jarrett, past president of NASCIO (2004 - 2005), for his passion for cybersecurity. The scholarship grants current CISOs the opportunity to attend the NASCIO Annual Conference and contribute to the national dialogue on cybersecurity and related issues.
The 2017 Thomas M. Jarrett Cybersecurity Scholarship recipient, Erik Avakian, Chief Information Security Officer, Commonwealth of Pennsylvania was nominated by John MacMillan, Deputy Secretary of Information Technology and Chief Information Officer, (Commonwealth of Pennsylvania)
-
Top 17 State & Local Cybersecurity Leaders to Watch
StateScoop
http://statescoop.com/monthly/top-state-local-cybersecurity-leaders-to-watch
Creating an ultimate list of state and local cybersecurity professionals was beyond the scope of this project. Instead, this is a cross-section of government’s best state and local cybersecurity talent, assembled through StateScoop's own stories and reporting; from the recommendations of leaders across the state and local government technology industry; and by the suggestions of nonprofits and associations…http://statescoop.com/monthly/top-state-local-cybersecurity-leaders-to-watch
Creating an ultimate list of state and local cybersecurity professionals was beyond the scope of this project. Instead, this is a cross-section of government’s best state and local cybersecurity talent, assembled through StateScoop's own stories and reporting; from the recommendations of leaders across the state and local government technology industry; and by the suggestions of nonprofits and associations across the space.
This list is not only a celebration of those in state and local government who work constantly to keep critical information and systems secure, but also a means of connecting this federated community of IT security professionals who are often too busy to share what they’re thinking and working on with their counterparts across the country. -
Named #5 in the 2016 Security 500 Rankings (Government (Federal, State and Local))
www.securitymagazine.com
Which security programs are taking the lead? These 500 enterprises have been ranked through metrics to determine the forerunners in 18 sectors.
https://www.securitymagazine.com/articles/87530-the-2016-security-500-rankings
-
Top-10 Influencers in Government Security for 2015
GovInfoSecurity.com
http://www.govinfosecurity.com/top-10-influencers-in-government-security-a-7845?rf=2015-02-02
-
Winner - 2014 Cybersecurity Leadership and Innovation Award for State Government
Center for Digital Government
http://www.govtech.com/security/2014-Cybersecurity-Leadership-and-Innovation-Awards.html
Winners of the 2014 Cybersecurity Leadership and Innovation Awards have demonstrated they are serious about cybersecurity defense by putting into place systems, practices and policies that keep information safe for citizens. In the state government category, the Commonwealth of Pennsylvania Enterprise Information Security Office was recognized for the continued operation of its Commonwealth…http://www.govtech.com/security/2014-Cybersecurity-Leadership-and-Innovation-Awards.html
Winners of the 2014 Cybersecurity Leadership and Innovation Awards have demonstrated they are serious about cybersecurity defense by putting into place systems, practices and policies that keep information safe for citizens. In the state government category, the Commonwealth of Pennsylvania Enterprise Information Security Office was recognized for the continued operation of its Commonwealth Application Certification and Accreditation (CA2) Process, which facilitates an annual cost savings of $38 million.
Organizations
-
Multi-State Information Sharing and Analysis Center (MS-ISAC)
Executive Committee Member
- PresentThe MS-ISAC Executive Committee comprises representatives who are elected by the MS-ISAC members to assist in providing strategic guidance and recommendations for the MS-ISAC. The Executive Committee votes on matters brought to its attention coming from workgroups or the MS-ISAC members at-large. https://msisac.cisecurity.org/about/executive-committee/
-
(ISC)²
U.S. Government Advisory Council (USGAC) member
- Present(ISC)²’s Global Advisory Councils represent a group of senior-level information security professionals in their respective region who advise (ISC)² on industry initiatives, policies, views, standards and concerns. The goals of the advisory councils are to offer deeper insights into the needs of the information security community in each respective region; discuss matters of policy or initiatives that drive professional development; provide feedback on (ISC)² programs, activities and…
(ISC)²’s Global Advisory Councils represent a group of senior-level information security professionals in their respective region who advise (ISC)² on industry initiatives, policies, views, standards and concerns. The goals of the advisory councils are to offer deeper insights into the needs of the information security community in each respective region; discuss matters of policy or initiatives that drive professional development; provide feedback on (ISC)² programs, activities and opportunities; and make introductions to influential organizations, bodies, institutions within government and industry with which (ISC)² should engage. https://www.isc2.org/innerpage.aspx?id=8255
-
National Association of State Chief Information Officers (NASCIO)
Security and Privacy Commitee Memeber
- PresentThe committee focuses on the intersection between security and privacy to help state CIOs formulate high-level security and data protection policies and technical controls to secure the states' information systems and protect the personal and sensitive information within them. http://www.nascio.org/committees/security/
-
Pennsylvania Criminal Intelligence Center (PaCIC)
Member
- PresentThe Pennsylvania State Police, Bureau of Criminal Investigation, established the Pennsylvania Criminal Intelligence Center (PaCIC) July of 2003 in an effort to provide law enforcement agencies throughout the Commonwealth with one central point of contact for their information needs. Through the PaCIC, trained analysts provide state police members and federal, state, and municipal law enforcement officers with access to intelligence information, investigative data, and public source information…
The Pennsylvania State Police, Bureau of Criminal Investigation, established the Pennsylvania Criminal Intelligence Center (PaCIC) July of 2003 in an effort to provide law enforcement agencies throughout the Commonwealth with one central point of contact for their information needs. Through the PaCIC, trained analysts provide state police members and federal, state, and municipal law enforcement officers with access to intelligence information, investigative data, and public source information 24 hours a day, seven days per week. Analysts also provide investigative support by analyzing complex information and collating it into intelligence summaries, organization charts, link analysis, time event analysis, and other manageable, professional products. The PaCIC is an attempt to provide law enforcement officers a central point of contact for information needed during traffic stops, investigative detentions, and other law enforcement encounters and investigations. http://www.portal.state.pa.us/portal/server.pt/community/psp/4451/hide_-_psp_pacic_overview/481156
Recommendations received
4 people have recommended Erik
Join now to viewExplore more posts
-
Jason Basye
CMMC Compliance Deadline: Are You Ready for October 1st? The DoD’s latest update to 48 CFR Part 204.75 makes it official: CMMC certification is mandatory for contractors starting October 1, 2025. If your organization handles Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), you must be certified to bid, renew, or extend DoD contracts. 🎯 Don’t risk disqualification. As a CMMC Registered Practitioner Organization (RPO), Concertium helps defense contractors like you: * Assess and close compliance gaps * Build cybersecurity policies and procedures * Train your team and prepare for certification ⏳ Time is running out. Let’s get you ready before Phase 1 begins. 📅 Book your free consultation today: concertium.com/cmmc-rpo
-
Kenneth R.
Cyber incidents like this aren’t rare anymore, they’re predictable. What matters is whether an organization has the visibility to catch the warning signs before everything goes offline. https://lnkd.in/eJkSjp-U #CyberSecurity #DataBreach #CyberAttack #IncidentResponse #CyberRisk #NetworkSecurity #ThreatDetection #VulnerabilityManagement #CyberResilience
-
Manuel W. Lloyd
Doctrine Emergency Bulletin: Global SBOM Guidance Issued On September 3, 2025, CISA, NSA, and 14 allied nations released joint guidance on Software Bills of Materials (SBOMs), urging governments and industry to adopt SBOMs as a baseline for software supply chain security. This Doctrine Emergency Bulletin (DEB) underscores that transparency without sovereignty is insufficient. SBOMs reveal components — but only Zero Doctrine™ enforces isolation and doctrinal control. Join our tabletop simulation: “Supply Chain Breach Doctrine Response.”b Book here » https://lnkd.in/eWAERm8k 📜 Our Cybersecurity Constitution™ Article V, Clause 4 — Sovereign Origination of Technical Input states “No foreign-origin technical instruction shall be admitted into sovereign systems, even under domestic escort.” Stay sovereign, stay uncompromised. — Manuel W. Lloyd
-
Matthew Milza, CCSP
New Jersey has launched a volunteer program aimed at enhancing cybersecurity efforts. This initiative will leverage the expertise of cybersecurity professionals to support the state in building resilience against cyber threats. For more information about the program, visit the link: https://lnkd.in/ett6xnK7.
-
Octavio Barranco Fragoso
NIST 800-34 - Contingency Planning Guide for Information Technology Systems NIST 800-34, Contingency Planning Guide for Information Technology (IT) Systems provides instructions, recommendations, and considerations for IT contingency planning. It is an interim measure to recover IT services after disruption. This may include relocation of IT systems and operations to an alternate site, the recovery of IT functions using alternate equipment, or the performance of IT functions using manual methods. Get the publication here: https://lnkd.in/eaU6NuzM https://lnkd.in/ehAe66pr
-
Virtual Service Operations
Post 6: Audit-Ready Operations "Are you ready for your CMMC assessment?" Wrong question. Right question: "Are your daily IT operations generating audit-ready evidence?" VSO's managed services are built compliance-first: Security monitoring with documented analysis Infrastructure changes with evidence trails Incident response with compliance reporting Configuration management with baseline tracking We don't prep you for audits. We operate audit-ready systems. Learn more at: https://vso-inc.com/cmmc/ #CMMC #ManagedServices #Compliance
-
SNH TECHNOLOGIES
🚨 70% of small businesses close within 6 months of a major cyberattack. Don’t be a stat. A resilient business doesn’t just back up data. It defends, detects, and adapts. You need proactive monitoring and real-time threat intelligence so you don't just recover from a cyberattack—you resist it.
-
CyberMSuite
Federal environments don’t get to operate in silos. CyberMSuite brings asset visibility, risk intelligence, and compliance alignment into one platform—so federal teams can manage complex environments with clarity, not guesswork. From FISMA and NIST to real-time exposure insights, it’s built for the scale and accountability federal missions demand. Learn more at CyberMSuite.com #CyberMSuite #FederalIT #FederalCybersecurity #GovTech #PublicSector #NIST #FISMA #CyberRisk #ExposureManagement #SecurityOperations
-
Jeff Baldwin, DSc
This is a fantastic resource and a well done document. There is a new CMMC FAQ. One question in the new FAQ stuck out to me: "Q4. Can Department contractors implement NIST SP 800-171 Revision 3? A4. Yes. Companies can implement Revision 3 but must use the Department’s Organization-Defined Parameters (ODPs) defined in the April 2025 memorandum, “Department of Defense Organization-Defined Parameters for National Institute of Standards and Technology Special Publication 800-171 Revision 3” found here: https://lnkd.in/eN5pnTzB. Because CMMC Assessments will be conducted against Revision 2 until the class deviation memo (Q3 of this section) is withdrawn or otherwise superseded, DIB companies must ensure any identified gaps between Revision 2 and Revision 3 are addressed." We won't know exactly when the class deviation will removed and CMMC will be on 800-171 Rev 3, but if you want to get a headstart you are permitted to implement Rev 3 if you use the DoD's Organizationally Defined Parameters (ODPs). I will note that the ODPs are subject to change during the rulemaking process. #cmmc
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content