CMMC is here and C3PAO assessments began on January 2, 2025. So what should you expect from an assessment, and how can you set your company up for success?

Uncover the truth about cyber attack misconceptions with Hive Systems' latest research. Learn how media coverage skews public perception of cyber attacks and discover the real risks organizations face. Explore data-driven insights to better protect your business in an evolving threat landscape

As the CMMC program takes effect, understanding what qualifies as Federal Contract Information (FCI) is critical. This guide breaks down FCI definitions, offers practical tips for identifying and handling FCI across your organization, and walks you through applying CMMC Level 1 controls—ensuring you stay compliant, secure, and ready for the new era of defense contracting.

Dwight D. Eisenhower, the 34th U.S. president, once said, 'Plans are nothing; planning is everything.' In this post we’ll dive into the fundamentals of incident response planning, and take it a step further to show how planning for an incident goes beyond just documentation.

A JSVA could be the answer your company has been looking for to get ahead of CMMC. Katie, a CCA on our team, helps outline everything you need to know about getting CMMC Level 2 certified - giving your company the advantage before CMMC even starts!

The long-awaited CMMC rule has finally been officially published and is accompanied by some beneficial changes from the original draft. We break them down for you so you and your organization can begin to prepare for the imminent enforcement.

NIST recently updated its decades-old password security guidance after years of scrutiny, skepticism, and flat-out ineffectiveness finally forced the agency to address practical security considerations and realistic threats while abandoning what many considered to be ineffective security theater.

The Federal Risk and Authorization Management Program (FedRAMP) has been a cornerstone for ensuring the security of cloud services used by federal agencies. Recently, significant changes to the program - specifically the sunset of the JAB have sparked discussions across the cloud computing landscape.

CMMC has been on the horizon for years, lurking in the distance and often thought of as a “tomorrow” problem. With the publication of the proposed rule to amend DFARS 252.204-7021, let this be a wake up call: CMMC is coming - and it’s coming quickly.

Job scams are on the rise and they’re coming straight to your phone via text, email, and even social media. Watch this interview with our CEO, Alex Nette, who explores the ways to identify a job scam and stay ahead of scammers if you’re on the hunt for a job!

Change Healthcare, owned by healthcare giant UnitedHealth Group, has confirmed that patient data was exfiltrated from their environment after all - a stunning reveal that will impact millions of patient records.

The long-awaited NIST 800-171 Revision 3 has been released. What’s new, and what are the implications for CMMC?

It's the 2024 update to our Hive Systems Password Table - including using a new “most-hacked” password hash. See why our Password Table has been shown and written about on the news, published by universities, and shared by companies across the globe. Learn more and download your copy!

Cookies help enhance our browsing experience, but what are the risks? Learn more about how cookies work, what data they collect, and how you can protect your data from misuse.

Artificial Intelligence (AI) is set to be the newest ally for many companies, but it’s also set to be the newest threat.

Are you tired of filling out lengthy vendor questionnaires and are looking to pursue an SOC 2 examination report instead? Discover some basic practices to secure your customers’ data and pave the way for SOC 2 certification.

Google and Yahoo are requiring DMARC beginning in February 2024. So what does that mean for your organization, and how do you implement it?

The DoD just released a proposed rule for implementation of all CMMC requirements by October 1, 2026. The plan will be implemented in four phases.

In the interconnected web of modern business ecosystems, supply chain risks have emerged as insidious threats, leaving even the most vigilant organizations vulnerable to devastating cyber breaches.

The 2023 update to our research that compares how cybersecurity incidents and data breaches occurred, what academia published, what the news covered, and what people Googled. So what’s new this year, what was our methodology, and what was surprising? Read on!