Resources & Industry News

SLATE understands how challenging it is to keep up with industry news regarding the latest threats, attacks, emerging and potential threats. The following links are great resources for our staff and customers in helping to understand the current landscape in the Cybersecurity space. Each link has a specialized focus that contains great information. Check back frequently to see additional resources and to keep up with our latest blog posts!

Verizon has just published their annual Data Breach Report. The report was written by compiling data from 41,686 security incidents and 2,013 data breaches. Verizon was able to isolate specific data points from the compiled data, giving organizations the ability to know where they should focus their attention. They found that even though most attacks […]

Read More

A few weeks ago, I had recommended to a client that they should purchase Insurance instead of implementing specific controls in their environment to mitigate a particular risk. The client was not aware that this was an option and thought that General Liability Insurance provided coverage. Once I explained that liability insurance is very limited […]

Read More

We are pleased to announce that Slate Enclave has been certified by MD Department of Commerce as a Qualified Maryland Cybersecurity Company (QMCC). Having this designation allows Maryland companies to work with us while developing a Cybersecurity Program for their company while having the opportunity to claim up to $50,000 in tax credits during the […]

Read More

We have recently seen an increase in customers asking if performing vulnerability scans is necessary in an era where patching can be automated at the host or by using patch management tools. The short answer is YES! Each environment is its own animal and the possibility of an organization being compromised rises at a high […]

Read More

An Authorized Application List, or Whitelisting Applications is a method to approve applications for enterprise use if the business need exists while controlling and validating the source of the applications. If the application is not on the authorized list, it cannot be installed on the end device. An exception can be submitted and reviewed for […]

Read More

As the demand grows for vCISO services, it is getting more difficult to find a candidate who has the appropriate level of experience needed to fill that gap. This issue of supply and demand is getting worse as the number of security incidents rise each year. These changes within the Information Security space is causing […]

Read More

Today’s business climate involves constant cyber-attacks against all types of organizations, regardless of industry. Unfortunately, it is an inevitable occurrence that organizations must be prepared to handle. These attacks target organizations that have developed and implemented a proper security program and organizations that have misconfigured and poorly implemented security programs. They are targeting an organization […]

Read More

The Defense Federal Acquisition Regulation Supplement (DFARS) guidance that has been published by the Federal Government requires all DoD contractors and organizations that deal with sensitive data related to government programs complete a NIST 800-171 assessment to become fully compliant with section 252.204-7012. If this assessment is not completed and compliant, your organization can risk […]

Read More

Having an audit conducted on your organization’s security program is not an event that most people look forward to. They are filled with auditors who make a living trying to find deficiencies and weaknesses in the implemented, or not implemented, controls that are part of your industry. Multiple triggers can push the audit, but two […]

Read More