Charting the Future: CMMC Compliance, Identity Management, and Cutting-Edge Cybersecurity Strategies
In this newsletter, we kick off with a spotlight on identity management, showing how the right partners can make or break your security—and uncovering hidden risks within Entra ID Administrative Units. We then dive into the Pentagon’s latest CUI training initiatives for the CMMC rollout and how the Defense Logistics Agency is harnessing automation to streamline compliance. Plus, get an insider's view on the surge in data breaches, early ransomware warnings, and the essential tools to safeguard your organization. Your guide to staying ahead starts here!
Identity:
Evaluating New Partners and Vendors From an Identity Security Perspective Time to Read: 4 - In his article, "Assessing Third-Party Risk: What Questions Should You Ask Potential Vendors?" Matt Mills, President of Worldwide Field Operations at SailPoint, emphasizes the importance of effective identity management for enterprise success and security. However, many business leaders lack a deep understanding of the complexities involved in identity security. Mills concludes that choosing the right partner is crucial for a successful identity security program and ultimately protecting a company from potential breaches and reputational damage.
Hidden in Plain Sight: Abusing Entra ID Administrative Units for Sticky Persistence Time to Read: 17 Summary of 1 of 2 - This webpage discusses the security implications of Entra ID Administrative Units (AUs), which allow for scoped role assignments within Entra ID. The key points of the research are highlighted, including the use of AUs for privileged persistence and to obfuscate permissions grants. The post concludes with a discussion of the methodology used to find these vulnerabilities and the steps to mitigate them.
Security:
Chinese spies spent months inside aerospace engineering firm's network via legacy IT - A global engineering firm has been targeted by Chinese state-sponsored spies who compromised their network using default credentials on an IBM AIX server. The spies were inside the firm's IT system for four months, potentially accessing sensitive information and conducting espionage. The spies had full remote access to the network and could have stolen intellectual property or manipulated the supply chain. The firm's legacy systems were vulnerable, and newer security tools were not compatible. The spies were ultimately discovered and removed, but they attempted to regain access within 24 hours. The incident highlights the need for stronger cybersecurity measures and awareness of potential threats in the supply chain.
Surging data breach disruption drives costs to record highs Time to Read: 4 - IBM's Cost of a Data Breach Report 2024 reveals that while security teams are improving at detecting and responding to breaches, attackers are causing more financial damage to organizations. The global average cost of a breach has reached a record high of $4.88 million, with lost business costs, post-breach customer support expenses, and regulatory fines as major contributors. Despite organizations' efforts to improve their response time, 70% of those studied experienced significant or moderate disruptions to their operations. The study, conducted by the Ponemon Institute and analyzed by IBM, also highlights the growing importance of security AI and automation technologies in mitigating breach impacts and reducing costs. The report provides actionable insights and recommendations for organizations to mitigate the risks and potential costs of a data breach.
Infostealers: An Early Warning for Ransomware Attacks Time to Read: 4 - The article discusses the correlation between infostealer infections and ransomware attacks. According to a report, nearly one-third of companies that experienced ransomware attacks last year had previously been infected with an infostealer. Infostealers are used by attackers to steal credentials and other sensitive data, which can then be used to carry out a successful ransomware attack. This trend is on the rise due to the availability of malware-as-a-service, where attackers can easily purchase pre-built packages for attacks.
DevOps:
Unlocking performance management for start-ups and scale-ups Time to Read: 5 - The webpage discusses the challenges and importance of performance management for engineering managers, and provides a framework for evaluating and improving team performance. It emphasizes the need for feedback and continuous improvement, and offers tips for handling resistance and implementing the framework successfully. The webpage also features other related topics such as team communication, documentation, and delegation.
Istio and the State of DevOps: Enhancing Key Metrics - The "Istio and the State of DevOps: Enhancing Key Metrics" blog discusses the benefits of integrating Istio, a service mesh, into Kubernetes environments. It highlights the technical wins and business benefits of using Istio, such as improved traffic management, security, and observability. The blog also explores how Istio can enhance key DevOps metrics, including team performance, software delivery, operational efficiency, and employee well-being, based on insights from the "Accelerate State of DevOps Report".
Compliance:
Ahead of CMMC rollout, Pentagon preps CUI training, tools Time to Read: 3 - The Pentagon is developing training and tools to help program managers mark sensitive information that will trigger Cybersecurity Maturity Model Certification (CMMC) requirements. CMMC will provide third-party audits to verify contractors' compliance with National Institute of Standards and Technology cybersecurity standards. The DoD plans to roll out CMMC over three years and is concerned about adversaries stealing sensitive data from defense contractors. The DoD inspector general found that the department was not properly tracking the use of CUI markings and the completion of CUI training. The Pentagon is working to improve consistency in the application of CUI requirements and is developing tools to help identify when CUI markings are necessary. CUI is a critical aspect of the CMMC system, but it has yet to be codified into the CMMC rules. Companies are encouraged to communicate with the DoD about identifying and protecting CUI. This article is copyrighted and not intended for users in the European Economic Area.
DLA turns to automation for head-start on incorporating CMMC requirements in contracting Time to Read: 3 - The Defense Logistics Agency is preparing for the implementation of the new Cybersecurity Maturity Model Certification 2.0 by automating its contracting systems and verifying contractor compliance with NIST's Special Publication 800-171. This is part of a larger effort to increase efficiency in the acquisition process and reduce procurement lead time. The DLA is leveraging automation and new technology, such as robotic process automation, to free up contracting professionals from repetitive tasks and improve efficiency. However, some critical contracts still require manual assembly by a contracting officer.
AI:
New whitepaper available: Building security from the ground up with Secure by Design - In today's digital landscape, organizations must prioritize security in order to maintain operational resilience and earn customer trust. However, many companies prioritize performance and user experience over security, leading to vulnerabilities in their supply chain. To combat this, the concept of Secure by Design (SbD) is gaining importance, and it involves integrating security measures into every step of the product development process. A recent whitepaper from AWS and SANS Institute outlines key considerations for implementing SbD, including integrating it into the software development lifecycle, using automation, and applying it to emerging technologies like AI.
The Current Cybersecurity Landscape: New Threats, Same Security Mistakes Time to Read: 5 - The current cybersecurity landscape is filled with economic turbulence and an increase in cyber threats. To stay resilient, enterprises must adapt to these risks by embracing modern technology, such as generative artificial intelligence (GenAI). However, the speed of innovation is outpacing security measures, leading to an increase in attacks. To address this, organizations must prioritize compliance and implement post-quantum cryptography (PQC) to protect against the looming threat of quantum computing. Secrets management is also a major security concern in cloud and DevOps environments, highlighting the need for a data-centric security approach.
Tools/Projects:
Stop Building the Wrong Tools: How Developer Surveys Transformed Our Focus Time to Read: 5 - The author shares their experience of building an internal developer portal at a high-growth startup and how a simple developer survey changed their approach. Despite investing two years in developing the portal, they realized it wasn't solving their developers' biggest pain points. The survey helped them understand the top priorities and focus on the right things. They shifted their focus to building local-first tools for faster development and saw a positive response from users.
Google introduces new security and productivity features for Chrome Enterprise Time to Read: 2 - Google LLC has announced new capabilities for Chrome Enterprise, a paid version of its browser designed for organizations. These features include cybersecurity controls and productivity tools. Chrome Enterprise also now has integrations with Okta, Ping, and Cisco Duo, allowing for context-aware access. There are also enhancements for personal device usage and a new dashboard for monitoring work profiles.
In Conclusion
In today’s fast-evolving cybersecurity landscape, staying ahead is more crucial than ever. From managing identity risks to preparing for CMMC compliance and strengthening data protection, every step counts in securing your organization. We hope this newsletter has sparked valuable insights to guide your journey. For more strategies, expert advice, and the latest updates, don’t miss out—visit our blog. Let’s keep building a secure, resilient future together!
About UberEther
UberEther is a leading technology integrator dedicated to innovating solutions for government clients. Based in Sterling, VA, we specialize in transforming security and access control needs into strategic advantages. Our accolades include numerous awards and recognitions, and we have achieved FedRAMP High + DoD IL5 Authority to Operate (ATO) for our Integrated Managed Identity Platform. Learn more about our cutting-edge solutions at uberether.com.