Konrad Fellmann
San Diego, California, United States
1K followers
500+ connections
Experience
Other similar profiles
Explore more posts
-
Matthew Titcombe
Is your organization struggling to understand how to approach 3.10.6, Alternate Work Sites? What is allowed and what an assessor may be looking for? In this CMMC Churns, we dive into 3.10.6, Enforce safeguarding measures for CUI at alternate work sites. In the requirement deep dive, we will look at the requirement, assessment objectives, the requirements relationships to other requirements, and evidentiary objects we would expect to see as assessors. Interestingly, there are four primary use cases (working at home; in public spaces & travelling; in a hotel room; and at a client location) that an organization can use to define its safeguarding requirements to be followed by staff when working outside of their offices. We also look at considerations your business should ponder when developing safeguarding measures. For example & remember, Alexa & Siri are not authorized listeners to CUI conversations… ================================================= Peak InfoSec Homepage: https://peakinfosec.com As the CMMC Churns Episodes: https://lnkd.in/eVGYGs3g Contact Peak InfoSec for Support: https://lnkd.in/e8sM_2Z3 Email: [email protected] ================================================= #cuicon #cmmc #cmmc2 #32cfrpart2002 #32cfrpart170 #infosec #informationsecurity #compliance #cybersecurity #cui #fci #cmmcab #thecyberab #nist800171 #defenseindustry #defensecontractors #defensecontracting #grc #manufacturing #dfars #manufacturingindustry #dib #satellite #satellitecommunications #satellitesystems #managedserviceprovider #msp #managedsecurityservices #mssp #DoD #GovCon #governmentcontracting #SmallBusiness #contracts #contractors https://lnkd.in/e28F-A86
2 Comments -
John LaPlante
💲 Prepare NOW for the $200M K12 Cybersecurity Pilot Program 💲 In case you missed it, the FCC released the specifications and eligible services for the $200M K12 cybersecurity pilot program. We will have much more to share with you in the coming months as we approach the expected application window opening later this year. In advance of this opening, there are things you can do NOW to prepare for what the application will require. First, you can download the *DRAFT* version of the FCC Form 484 (https://lnkd.in/gbU_XDcX). This ONLINE ONLY form will be released later this year so that schools can apply to be part of the pilot program. This is the first part of the application, where applicants must provide general information about the school seeking support, including applicants’ experience with cybersecurity matters, whether they expect to implement cybersecurity recommended best practices and their current or expected use of free or low-cost federal resources. Applicants will also be required to provide information about their proposed Pilot project, including a description of the goals and objectives to be achieved, the services and equipment to be purchased (and associated costs), and the cybersecurity risks the proposed Pilot project will prevent or address. But how can you gather this information? Vinson Protect CAN HELP! We have built a free audit tool (https://vinsonprotect.com) for you to use to audit your school’s preparation against various industry standards (including the K12 SIX Essential Cybersecurity Protections, Center for Internet Security's CISv8 Controls, and the ClassLink Cybersecurity Rubric) specifically called out in the pilot program announcement). This audit will help identify weaknesses and opportunities for improvement in your school preparedness program. It will give you a status report and security plan to help draft your proposal goals and objectives. Please let us know if you have any questions or want assistance getting started. #vinsonprotect #k12 #cybersecurity
1 Comment -
Fortified Health Security
Recent industry incidents underscore the critical importance of robust Business Impact Analysis (BIA) and Third-Party Risk Management (TPRM). Join CISO Russell Teague for another #CybersecurityMonth session and discussion on building tailored BIA and TPRM strategies. Register now: https://hubs.ly/Q02MYnwS0 #HealthcareIT #CyberResilience #RiskManagement #keepinghealthcarehealthy
-
Lawrence F. Zorio III
🌟 Honored to be Featured in VMblog's 2024 National Cybersecurity Month Round-Up! 🌟 A big thank you to VMblog for letting me part of their latest 2024 National Cybersecurity Month round-up. The article shares insights from lots of impressive security thought leaders on the latest cybersecurity trends and threats, including how to effectively manage organizational risk tolerance. Check out the article to gain valuable insights from experts in the field. Let's continue to stay informed and proactive in our cybersecurity efforts! #Cybersecurity #NationalCybersecurityMonth #SecurityTrends #RiskManagement #ThoughtLeadership
-
John Chiaramonte
📢 Hot off the Press: Verizon's 2024 Data Breach Investigations Report (DBIR) Highlights Alarming Cybersecurity Trends! 🚨 After following Verizon Business' annual release of their DBIR report for many years, many of their findings come as no surprise. Key findings include: 🔺 Vulnerability exploitation surged by a whopping 180%, primarily driven by ransomware actors targeting unpatched systems and zero-day vulnerabilities. 💣 🔺 Ransomware and extortion techniques accounted for a third (32%) of all breaches. 🔐💰 🔺 Over two-thirds (68%) of breaches involved human error or social engineering. 🤦♂️ For the 911 industry, these findings are (another) strong reminder of the need for 911 authorities to prioritize cybersecurity measures. As critical infrastructure, there is no question that 911 and emergency services agencies are prime targets for ransomware attacks and vulnerability exploits. Successful cyberattacks create interruptions that will negatively affect 911 operations, putting lives at risk. 🚑⚠️ Implementing robust vulnerability management, educating users on improving cyber hygiene, and investing in advanced threat detection and response capabilities are crucial steps to safeguard 911 systems. Collaboration between industry stakeholders and cybersecurity experts is vital to stay ahead of the ever-evolving threat landscape. Don't know where to start? Give me a call. 🤝🛡️ https://lnkd.in/eidHAHm7 Mission Critical Partners #CyberSecurity #VulnerabilityManagement #DataBreach #DBIR #CriticalInfrastructure
-
Yonatan Hoorizadeh
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a significant security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog. #Cybersecuritynews #Cybernews #Technews #Cybersecurity #HealthcareIT #MirthConnect #CyberThreats #Vulnerabilitymanagement https://lnkd.in/e7s2KvEf
-
iTech Governance Consulting
The FFIEC has officially announced the sunset of its Cybersecurity Assessment Tool (CAT) in 2025. Financial institutions must prepare to transition to more advanced tools like the NIST Cybersecurity Framework and CIS Controls. This shift requires a risk-based approach to cybersecurity—one that is more adaptable to the evolving threat landscape. Learn more about what this means for your institution and how iTGC can guide you through the transition. #FFIEC #Cybersecurity #RiskManagement #NIST #FinancialInstitutions https://lnkd.in/gmNU2Jn3
-
Lloyd Evans 🌩
AC-02 is in the top 5 most important controls I'd recommend developing familiarity with 🚨 Let's continue our Neverending Story through NIST 800-53 with: AC-02 Access Control Account Management Simply stated: AC-02 governs: - Accounts and people (users, managers, roles, groups, etc.) - Access authorizations and privileges - Account management processes - Account monitoring and review - Account PII privacy ➡️ There are 12 control elements (A-L) within AC-02 🙂↕️ which each need to be fulfilled or inherited for overall AC-02 compliance How to simplify control implementation: - Consider how account management is conducted throughout the enterprise, application team, cloud service provider, data center, etc. - Map to Identity and Access Management tools and services - Leverage inheritance for external team services - Revisit onboarding and off-boarding processes How to automate control implementation & assessment: - Integrate configuration checks for access control mechanisms - Leverage Identity and Access Management capabilities - Configure logging and alerts for audits and monitoring - Automate account review checks ⬇️ Let me know what I missed ⬇️ #GRCEngineering #NIST #NIST80053 #Cybersecurity #ZeroTrust #GRC #AccessControl #PoliciesandProcedures #AI #AccountManagement
5 Comments -
Shakeel Ali
Innovator Spotlight: Apono: In a rapidly evolving cybersecurity landscape, identity-based threats are at an all-time high. The 2024 Trends in Identity Security Report reveals that 84% of identity stakeholders experienced business impacts due... The post Innovator Spotlight: Apono appeared first on Cyber Defense Magazine. https://lnkd.in/g5WuTyAK
-
Andy Kim
Folks, Our confirmed attendance is at a record level. Clearly the message and mission has hit an major inflection point! Don't miss out on the secrets of CMMC compliance. The is will be both entertaining and serious, with a lot of can you believe this was happening in a organization stories. And how to solve the toughest part of your CMMC certification processes. https://lnkd.in/gcw49xQe #CMMC #CybersecurityCompliance #DoD #DefenseContracting #XDR #CyberSecurity #ThreatDetection #IncidentResponse #DataProtection #ComplianceDeadline #GovCon #DefenseIndustry #CMMCCertification #CyberReadiness #SecurityStandards #FederalContracting #RiskManagement #CyberDefense #DataVisibility
-
Network Frontiers®
NIST SP 800-30 Rev. 1, Guide for Conducting Risk Assessments: 3961 To post comments, create a FREE account and add comments in the box with the red balloon https://hubs.la/Q02KtTfT0 #unifiedcompliance #cybersecurity #authoritydocuments #riskmanagement
-
SafeHouse Initiative
Today in our SafeHouse Blog, Zoe Lindsey of Blumira explains how to understand the National Institute of Standards and Technology (NIST) Strategy for Mid-Sized Business Security. If you're a Small or Medium sized business, you'll want to read this excellent blog to learn how to implement security controls and protect yourself and your operation. Link in the comments below ⤵ . #cybersecurity #cyberprotection #NIST #cyberattack #ransomware #malware #businesscontinuity #operationalresilience
4 Comments -
Andy Kim
Folks, As a CMMC Registered Practitioner supporting 100+ organizations in the DoD supply chain, I want to personally invite you to a webinar like no other. We will be discussing the CMMC final rule and how to supercharge the most challenging aspects of CMMC compliance with XDR technology. Register at the link below, to learn how to achieve 50% compliance over the most challenging aspects of CMMC compliance immediately. https://lnkd.in/gcw49xQe #CMMC #CybersecurityCompliance #DoD #DefenseContracting #XDR #CyberSecurity #ThreatDetection #IncidentResponse #DataProtection #ComplianceDeadline #GovCon #DefenseIndustry #CMMCCertification #CyberReadiness #SecurityStandards #FederalContracting #RiskManagement #CyberDefense #DataVisibility
-
Patrick Sullivan
Many of you have questions about ISO42001, and many don't even know where to begin. It's a lot...a lot to take in, a lot to think through, a lot to consider. To help you build momentum, A-LIGN has published a new ISO42001 Frequently Ask Questions (FAQs) blog, so if you're not sure where to start on your journey, this is the place! https://lnkd.in/e3yV93kh #iso42001 #iso27001 #ethicalAI #resonsibleAI #AIGovernance #TheBusinessofCompliance #ComplianceAlignedtoYou
1 Comment -
Rob Schenk
Follow up on the recent NPD data breach, which exposed 𝟮.𝟳 𝙗𝙞𝙡𝙡𝙞𝙤𝙣 𝙎𝙤𝙘𝙞𝙖𝙡 𝙎𝙚𝙘𝙪𝙧𝙞𝙩𝙮 𝙉𝙪𝙢𝙗𝙚𝙧𝙨. There are several web sites that you can go to to check if you data was compromised. (check the comments for a link to one of them). 𝗥𝗲𝗰𝗼𝗺𝗺𝗲𝗻𝗱𝗮𝘁𝗶𝗼𝗻𝘀 𝗼𝗻 𝗻𝗲𝘅𝘁 𝘀𝘁𝗲𝗽𝘀: • 𝗖𝗼𝗻𝘀𝗶𝗱𝗲𝗿 𝗳𝗿𝗲𝗲𝘇𝗶𝗻𝗴 𝘆𝗼𝘂𝗿 𝗰𝗿𝗲𝗱𝗶𝘁 𝗳𝗶𝗹𝗲. This will reduce the risk to an attacker making unauthorized account additions to your profile. To freeze the file, you'll want to create accounts if you haven't yet already with Transunion, Experian, and Equifax. • 𝗥𝗲𝘃𝗶𝗲𝘄 𝘆𝗼𝘂𝗿 𝗖𝗿𝗲𝗱𝗶𝘁 𝗙𝗶𝗹𝗲 𝗳𝗼𝗿 𝗱𝗶𝘀𝗰𝗿𝗲𝗽𝗮𝗻𝗰𝗶𝗲𝘀: Ensure that there is no information listed that you are not already familiar with, clean up as needed. Dispute any anomalies and remove them from the file. • 𝗥𝗲𝗴𝘂𝗹𝗮𝗿𝗹𝘆 𝗿𝗲𝘃𝗶𝗲𝘄 𝗮𝗻𝗱 𝗖𝗹𝗼𝘀𝗲𝗹𝘆 𝗺𝗼𝗻𝗶𝘁𝗼𝗿: Review any changes to your file that would be indicators of a compromise. 𝗖𝗵𝗲𝗰𝗸 𝘁𝗵𝗲 𝗰𝗼𝗺𝗺𝗲𝗻𝘁𝘀 𝗳𝗼𝗿 𝗮𝗱𝗱𝗶𝘁𝗶𝗼𝗻𝗮𝗹 𝗵𝗲𝗹𝗽𝗳𝘂𝗹 𝗹𝗶𝗻𝗸𝘀!
10 Comments
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Konrad Fellmann
-
Konrad Fellmann
Specjalista ds. utrzymania ciągłości systemów IT
-
Konrad Felix Fellmann
Varian Medical Systems
-
Konrad Fellmann
--
3 others named Konrad Fellmann are on LinkedIn
See others named Konrad Fellmann