Circuit Magazine’s Post

If you want to go to RSA but it’s just too pricey, XenTegra wants to help you get there, and all you have to do is take a meeting with us to discuss your IT Security/modernization challenges… Click the link below and a Rep like me will be in touch to help you… or you can message me & I’ll help you! #XenTegra invests in the best IT Events to build REAL #ITCommunity where IT leaders learn from one another! #NextGenVAR #XenTegraFL

Data-Warehouse Security is exhibiting. Meet us at our IT-SA booth. Exchange about our contributions at NCCOE, PKI Consortium and the next generations of PKI. Talking about enhancing your capabilities in cryptographic discovery, inventory, software supply chain, identifying managing risks and help you vendor neutral transformation to quantum safety, enabling quantum technologies or simply realign or manage your digital identities and machine identities. #CBOM #SBOM #CryptographicSecurity #QuantumSecurity #CryptographicInventory #PostQuantumMigration #ITSecurity #IOTSecurity #OTSecurity #ProductSecurity #Riskmanagement #CryptoStrategy #ITSA2024

Another incredible ISC West in the books! As we had so much news to share, we will continue sharing videos from the show over the next few days to showcase all the biggest updates from the show. Thank you to our customers and partners for joining us! If you missed it, join our upcoming webinar for details from ISC West, a discussion of main trends in the security industry, and our insights: https://bit.ly/43Yjmez #iscwest #axisiscwest #SecurityIndustry

👋Meet new SIA member Swear.com! 🏆In the latest SIA member profile, Jason Crawforth, founder and CEO of SWEAR (the Judges' Choice Award winner at the 2024 SIA New Products and Solutions Awards at #ISCWest), discusses the company's offerings designed to protect and preserve the authenticity of digital media and shares perspectives on the #securityindustry and working with SIA. 🔗 Check it out at the link in the comments! #SIANPS ISC Security Events

#CMMC Tidbit for today. I had an interesting time at the Defense Manufacturing Conference in Austin this week. Great opportunity to walk around and talk to both #DIB companies and Government entities working with them in the defense space. One the things that struck my team and I was the number of government entities that said CMMC was not a thing. One government PM stood at our booth and said "CMMC will never happen." Another organization that helps manufacturers with grants to better meet DoD manufacturing requirements said that they were "unsure of the CMMC timeline," that they were "monitoring it," but were not yet advising their DIB connections to take any action. Jacob Horne and others have been talking about the number of DIB companies that still felt CMMC was not a thing, and wondered why, with all the regulatory action, the final rule, etc. etc. companies still insisted that they were waiting to see if this would become real and apply to them. We are all seeing this in our interactions with companies. Most are still deciding to wait and see. I maintain my position that the front line PM's and KO's that interact with the DIB are the critical missing lynchpin. My experience with DIB companies is that they are extraordinarily attuned to the desires of their specific customer. I have both been a government PM and a contractor PM interacting with government customers and found that broadly DIB companies pay very very close attention to what those people say. Government buyers have way more power than exists in standard commercial contracting relationships and DIB companies know it. If your government PM or COTR is unhappy the CEO gets on a plane to go find out why and fix it. As long as the key interface with the DIB (government PMs and Contracting people) are telling folks that CMMC is not a thing... we are all fighting an uphill battle to get the DIB's attention. It is critically important for CMMC's success, and for the future of DIB cybersecurity that the Acquisition Workforce start talking about CMMC as being as vital and non-negotiable as the DoD CIO's office is. One PM saying CMMC is never going to come to pass (and there were several different instances here) negates a thousands hours of video from the security community's lead voices. Stacy Bostjanick, Leslie Beavers, David McKeown, Deborah Rosenblum, Gary Ashworth, Amira Armond,

At #DMC24, I heard "SUNet" for the first time. Secure Unclassified Network. A government owned, contractor managed network designed to (among other things) assist advanced design and manufacturing supply chain frameworks like digital thread to hopefully result in more frequent 'first pass yield,' decreased lead time, higher precision, etc. A few said it's like the step-sibling of NIPRNet and SIPRNet, "but not really." Others said they think it's designed to provide infrastructure to the sharing of #CUI without the cost of or need for independent non-federal network assessment, a.k.a. #CMMC. But that would only be true of contractors participating in projects utilizing SUNet enclaves - and using them to manage CUI exclusive of their own networks. I honestly have spent less than a day looking into SUNet, and have found few numbers to quantify participation, except for a 2017 $248M #Defense contract to develop it, with a few supplemental contracts awarded as recently as a year ago. I have a sneaking suspicion that rumor has spread, building hope that this effort will render CMMC unnecessary for many. In the DFARS world, hope can be a dangerous thing. It also won't hold up in court or investor meetings..."I hoped we wouldn't have to do CMMC." I would love to gain perspective on this. As Vincent implied, PMs and KOs who cast doubt on CMMC do so with a significantly heavy hand. It would be beneficial to be aware of legitimate parallel efforts having similar doubt-casting effect. If legitimate, the juxtaposition of SUNet with CMMC explains quite a bit of the confusion: technical vs bureaucratic CUI solutions. -- Digging deeper: I also saw DoDI 5000.97 "Digital Engineering" by USD(R&E) a number of times on conference media, including the booth where I learned of SUNet. It is in .97 where "digital model", "digital twin" and "digital thread" are defined, as well as a DAU glossary reference for "digital engineering ecosystem." USD(R&E) has referred to this as the Defense Innovation Ecosystem. Clearly a part of the DIB, whether or not CMMC will apply will still come down to the contract - not rumor. But I don't envy PMs and KOs who have the job of discerning and communicating requirements - and fielding calls from all those wondering why DFARS 7012 (and soon 7021) are still in their contracts. The simple part of answer is 'because they have to be.' The rest of the answer - not so much.

Don’t let networking end with a handshake! At NKST, we bridge the gap between initial connections and meaningful collaborations. Whether it’s after a conference or a networking event, we help you share your business goals, understand your needs, and connect with the right people. Let’s transform introductions into long-term, impactful business partnerships. Listen to our Co-Founder & Chief Strategy Officer Raheel Qureshi - CISSP, SABSA (SCF), COBIT talk about the concept of NKST. #NKST #WhatsNKST #NKSTisNow

Did you know that Crisis24 built a dedicated Olympics package for the TopoONE, our critical event management platform? This innovative solution helps clients at the Games stay ahead of any security threat that could potentially impact its people or operations in Paris. I think it's pretty interesting to see how TopoONE by Crisis24 can be tailored to a specific event.