Screening Your Supply Chain: How Far Will You Go For Cybersecurity?

Supply Chain

Cybersecurity is like a game of “telephone” where you whisper a phrase to the next person in line. One mistake in the chain passes to others, changing the outcome. While the slip-ups are fun for a party game, no one is amused by a breach or hack in their extended network. With serious consequences on […]

How First-Person Stories Can Make Cybersecurity Lessons More Memorable

Cybersecurity Training

Despite working in cybersecurity and hearing about all types of incidents, I was riveted as my friend described how the attack rolled out and how employees reacted. In fact, I thought about the story several times during the next week and shared it with multiple people. It turns out the story was a teachable moment. […]

WT 360: CMMC Lessons From the Voluntary Assessment Program

Cybersecurity Maturity Model Certification

Derek Kernus explains how his company went through the Defense Department’s assessment process for complying with the standards at the heart of CMMC, the rule that will lay out how contractors protect information on their systems. The Cybersecurity Maturity Model Certification regulation may not be final for at least another year, but the Defense Department has […]

What will CMMC mean for the rest of us?

CMMC mean - Cybersecurity, Small Business, Article

When the Department of Defense released a Proposed Rule for the Cybersecurity Maturity Model Certification (CMMC) program, it intended to shore up the Defense Industrial Base (DIB) by asking contractors to prove that their cybersecurity was up to standards. A much bigger impact, however, will be felt throughout American business. In essence, it’s a brand-new era […]

Five lessons learned as you prepare for CMMC

Cybersecurity expert Derek Kernus explains what was learned when a small-business client went through a voluntary DOD assessment of how it protects controlled, unclassified information, meeting many of the CMMC requirements. With CMMC requirements on the near horizon, those in defense contracting are asking important questions about the timing, process, and preparation for their assessments. […]

Why you should go beyond the cyber requirements for OASIS+

Just don’t check the boxes for your OASIS+ proposals because your approach to cybersecurity might be the key differentiator for winning task orders, especially for small businesses. After months of work, checking a few boxes on the OASIS+ Pre-Award Questionnaire was no big deal. But now that the dust has settled, you might wonder what […]

Lessons learned from a joint surveillance audit for CMMC

Microsoft recently had an opportunity to sit down with Derek Kernus, Director of Cybersecurity Operation at DTS, to discuss their experience with the Joint Surveillance Voluntary Assessment (JSVA).  The Joint Surveillance Voluntary Assessment (JSVA) program is a transitional certification to CMMC, a new cybersecurity framework for Defense Industrial Base (DIB) contractors. The Joint Surveillance Voluntary Assessment […]

DTS Achieves Perfect Score on Joint Surveillance Voluntary Assessment

ARLINGTON, Va.—November 8, 2023—DTS, which delivers cyber, consulting, and management services, announced that it has earned a perfect score of 110 on its Joint Surveillance Voluntary Assessment (JSVA). Based on the same 110 controls required for a CMMC Level 2 certification, the JSVA program is a critical step in demonstrating that Defense Industrial Base (DIB) […]

What does it cost small businesses to get advanced cybersecurity?

In this Expert Insight, Derek Kernus, the Director of Cybersecurity Operations at DTS talks about the challenges facing small businesses that are under pressure to adopt cybersecurity best practices without breaking their budget. Derek offers suggestions for prioritizing cybersecurity investments – and things to watch out for as you build out an advanced cybersecurity program. […]

Hiring IT Help: Do you need an MSP or MSSP, or both?

Outsourcing can help your company grow, handling specialized tasks, often for less than the cost of a single annual salary. IT and cybersecurity are two areas where niche knowledge is essential, so it’s no surprise that 81% of companies use third-party vendors to handle part or all of their cybersecurity needs. As technical needs have evolved, two […]