Blake P. Sallé

“Why CMMC Matters for DFW Businesses: Lessons From Brian Guenther – Talk To Th3 Doc Ep. 119” Cyber threats and compliance pressures are rising fast. In this week’s Talk To Th3 Doc blog, we unpack how CMMC is transforming trust, risk, and growth across DFW. 📊 Episode 119 dives into real-world lessons from Brian Guenther, President of Exceed Cyber & Compliance — and what local leaders can learn from defense-grade cybersecurity. 3 Key Takeaways: 1️⃣ Compliance isn’t paperwork — it’s protection. 2️⃣ A risk-first mindset builds resilience and trust. 3️⃣ Strong IT alignment turns compliance into growth. Why It Matters for SMBs: CMMC is setting the standard for cybersecurity readiness across all industries. Our STARpower Framework helps organizations translate those standards into real-world results. 📅 Book your tech consult → https://lnkd.in/gkmnuanu 🔗 Read the blog: https://lnkd.in/gRe-P4hp 📥 Get our Free CMMC Readiness Checklist from this episode

2

🚨 Median dwell time is back on the rise. 🔐 Stolen credentials overtook phishing. ☁️ Cloud and edge compromises are exploding. 🧑‍💻 57% of breaches are detected by outsiders—not the organization. The new Mandiant (part of Google Cloud) M-Trends 2025 report is out, and the message is clear: Attackers are inside. Most organizations just don’t know it yet. This is exactly where Acalvio Technologies lives. ShadowPlex delivers detection for what most tools miss: 🧬 Credential misuse (even when MFA fails) 🌐 Cloud, VPN, and edge device exploitation 💥 Lateral movement before ransomware encryption 📉 Reduced dwell time with high-fidelity alerts—no noise, no agents When 43% of breaches are still discovered by the attacker (via ransom note, extortion, or data leak), it’s time to rethink detection. Deception isn’t a “nice-to-have” anymore—it’s the missing detection layer between intrusion and breach. 🔍 See how Acalvio changes the game: https://acalvio.com #Cybersecurity #DeceptionTechnology #MTrends2025 #ThreatDetection #CredentialAbuse #ZeroDay #CloudSecurity #SOC #Ransomware #Acalvio #LateralMovement #MITREATTACK

6

Exciting news for Texas public sector entities! Keeper Security has secured a contract with the Texas Department of Information Resources (TX DIR-CPO-5687), enhancing cybersecurity capabilities for state agencies, public schools, universities, and local governments. This partnership enables streamlined access, pre-negotiated pricing, and robust, scalable cybersecurity solutions. Safeguard your organization with Keeper's industry-leading cybersecurity offerings. Discover more: https://bit.ly/3ZvKIYr. #Cybersecurity #TexasPublicSector #KeeperSecurity

35

2 Comments

The Megatrends report is always interesting. I’m sure it will be even more insightful to hear the discussion with Steve Van Till. You won’t want to miss this!

3

Data durability and reliability, plus lower-cost tiering for efficient storage management. A smart choice for businesses looking to optimize long-term data retention without compromising on security or accessibility.

4

We help you cut through the noise when choosing the right Managed Detection and Response (MDR) solution. Get the clarity you need. This MDR Buyer's Guide slices through the noise and delivers straight answers. It covers: -The essential services an MDR provider should offer -The superior outcomes you should expect from a best-in-class MDR service -Top questions to ask a potential MDR provider -An introduction to Sophos MDR, the world’s highest-rated and most-reviewed MDR service Download the guide and take the first step toward smarter protection: https://lnkd.in/eM9Pn4n6

3

1 Comment

Reposting from Center for Internet Security because this is one of the most practical ways for state, local, tribal, and territorial (SLTT) defenders to support each other in enhancing their cybersecurity efforts. If you are actively engaged in state, local, tribal, or territorial cybersecurity, we invite you to share what is working for you, including: - Deployment lessons - Hard-earned mistakes and recoveries - Measurable improvements in detection, response, and resilience Consider submitting a session proposal for the 2026 ISAC Annual Meeting in Orlando, scheduled for June 21–24. The deadline for submissions is March 20, 2026. If you are uncertain whether your topic is “conference-worthy,” please submit it anyway. The most impactful sessions are often those that are honest and specific. #MSannual #govtechlive #MSISAC #CollectiveCyberDefense

4

Rose Fried - Nice case study! I genuinely hope more institutions choose to protect their campuses with SentinelOne. In a world where ransomware, identity attacks, and data breaches are hitting education hard, students and faculty deserve security that’s autonomous, intelligent, and built for today’s threats. Higher education environments, like South Texas College's IT systems and digital resources, face cyber threats such as #ransomware, #phishing, #databreaches, #credentialtheft, and attacks against research infrastructure.

6

1 Comment

Thank you Matt Bromiley, SANS Institute and Endace’s own Mark Evans for discussing the NEED for Always-On packet capture for compliance and as a critical piece in network security forensics. This quick video is worth a watch!

5

𝗢𝗽𝗽𝗼𝗿𝘁𝘂𝗻𝗶𝘁𝗶𝗲𝘀 𝗮𝗻𝗱 𝗰𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲𝘀 𝘄𝗶𝘁𝗵 𝗔𝗜 𝗮𝗻𝗱 𝗮𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗼𝗻 𝗶𝗻 𝗣𝗖𝗜 𝗗𝗦𝗦 𝗰𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 Thank you Dheebak S from Crossbow Cybersecurity for publishing this timely article. https://lnkd.in/gua7TD76 And many thanks to Deepak Umapathy, Sabeena Job and the team for being a sponsor at the PCI Europe Community Meeting in Amsterdam in Oct (https://lnkd.in/gXvJnNm5) as well as being the sponsor of the inaugural PCI Roundtable in Singapore next week!  https://lnkd.in/g9R7i9xb The usual gripe about AI is how it is facilitating fraud and scams around the world, and many experts continue to combat this threat.  What Crossbow has covered in the article is why I am cautiously optimistic about the use of AI to help the good guys. This ranges from: 1. Spotting threats before they hit 2. Make audits less painful, 3. Strengthen data protection 4. Speeding up vulnerability fixes 5. Saving time and money And the challenges also highlighted by Dheebak is why I remain cautious on the capabilities of AI. Check out the article on the Crossbow Blog (link above) to learn more. On a related topic, PCI's Distinguished Standards Architect, Andrew Jamieson published an article on AI Principles and how organizations need to secure the use of AI in Payments Environment. It adopts a logical and easy to follow structure on how AI Systems "must be", "should not be", "should be" and "may be". https://lnkd.in/gvF-26xA Disclaimer: PCI Council is a neutral body and my personal post is not an endorsement of any organization or solution. PCI Security Standards Council #pcissc #pcicommunity #pcidss #pcidssv4 #datasecurity #cybersecurity #payments #paymentsecurity Video credit: Thank you Canva for your platform and the royalty-free video.

57

For the engineers who refuse to walk away until the answer is undeniable. Another capture. Another decode. Because the entire business counts on their precision. See how real-world traffic behaves when everything is under strain and uncover issues with full confidence, not guesswork. Watch these videos as a NETSCOUT expert maps the route straight to the root cause. https://bit.ly/3Ndq10w

24

Discover why building resilience—not just prevention—is crucial for federal cybersecurity in today’s evolving threat landscape. Read insights from Lou.E, our federal CTO, on moving beyond compliance with Zero Trust and microsegmentation: https://bit.ly/4gNjPXv Join us at the Engage Public Sector Summit 2025 on October 7 to learn more about empowering #cyberresilience across agencies.   #EngagePublicSector2025 #ZeroTrust #bebreachready #microsegmentation #cybersecurity

15

Tenable is releasing a number of enhancements to the Vulnerability Priority Rating (VPR), including enriched threat intelligence, AI-driven insights and explainability, and contextual metadata. Learn how the improved prioritization effectiveness of the enhanced VPR compares to other common prioritization strategies. http://ow.ly/XijR106gN7S

12

Datamax's “Cybersecurity for Businesspeople” program is now officially recognized as a Texas DIR Certified Training Program. This designation ensures government agencies and local government entities can meet annual training requirements with live, engaging sessions that truly prepare end users to defend against cyber threats. https://hubs.ly/Q03J11HF0

3

Operational resilience is not only just a technical priority - it is a court business imperative. as threat landscapes evolved, the convergence of IT and OT requires a sophisticated risk based approach. Add SpearTip we go beyond the “what if” by helping our clients quantify their OT risk and understand the true financial impact of potential disruptions. By leveraging Zürich anonymized insurance and claims data, we provide our clients with a unique, data driven perspective that transformed abstract threats into actionable business insights. I look forward to connecting with many of you next week to discuss how we can strengthen your organization’s posture. Please reach out if you’d like to grab dinner or schedule a dedicated time to chat. #OTSecurity #Risk management #CyberSecurity#QuantifiableRisk #CyberRiskQualification #SpiritTip #ZürichResiliencyServices #Zürich Insurance.

1

🔥Exciting news from Keyfactor! Power Digital Trust for Texas! Modernizing public sector agencies increasingly rely on secure digital identity and cryptography to ensure reliable, resilient services. That’s why Keyfactor is now partnered with SHI International Corp. on one of SHI Government Solutions’ Texas Department of Information Resources(DIR) contracts, enabling Texas agencies to access modern PKI, certificate lifecycle automation, and cryptographic posture management through an approved and efficient procurement path. ❤️ This partnership gives Texas agencies direct access to the tools needed to strengthen digital trust across their environments: 🔐 Procure Keyfactor solutions through a streamlined DIR vehicle ⚙️ Accelerate Zero Trust initiatives with automated machine identity management 🚀 Reduce operational risk from certificate outages and crypto-sprawl 🤝 Leverage SHI’s public sector expertise and Keyfactor’s technology leadership From Texas DIR, "Over the past year, Texas has made huge strides in transforming how government entities serve their communities through innovative technology and reliable solutions." Keyfactor is very proud to be a part of the huge strides! #DigitalTrust #Partnerships #Cybersecurity #PKI #CLM #Cryptography #Texas #Government #state #healthcare #DIRisIT Tom Jones Alex Occhiogrosso Jason Smithson Kat Moore, EdD, MBA Louise McEvoy

12

2 Comments

A great summation of our Infocomm panel today, led by Lance McDonald, MBA, CTS-D, CTS-I. With so much change in our industry, coupled with consumer technologies in the workplace, and the mass adoption of AI, what does 'Enterprise' mean anymore? Do standards matter? How do we get buy-in? How do we prototype new spaces and solutions? Here are some great insights captured by Heather Long: Logitech for Business Logitech for Business Partner Hub

14

1 Comment

The ‘Hacking Exposed’ keynote is a main stage staple at RSAC, and this year’s presentation recording is now available: https://lnkd.in/ga_VUzvw The session's impact continues to resonate across the industry with George Kurtz and Michael Sentonas ripping the covers off one of the biggest adversary threats today: FAMOUS CHOLLIMA. We’ve been tracking, analyzing, and exposing how this adversary infiltrates organizations — posing as IT workers, faking interviews, and bypassing defenses. But CrowdStrike's intelligence leadership isn't just about knowing threats. It's about stopping breaches. Watch the keynote to learn about the countermeasures to combat this adversary and how CrowdStrike stops the breach. 🎯

12