Who's Certifying You?
The Delve scandal is a wake-up call: compliance certifications are only as good as the people behind them, and you're still responsible either way.
• by Ed Brownlee
Security
Security operations, threat protection, and security controls
13 notes
Cloud Trust Is Still Trust
When federal reviewers can't verify how Microsoft encrypts data in transit, it's a reminder that cloud adoption means accepting someone else's risk profile.
• by Ed Brownlee
Got a License for That?
Your Microsoft 365 license isn't just a monthly line item — it determines how secure, compliant, and scalable your business actually is.
• by Franchesca Bodey
Identity Is the New Perimeter
The threat landscape has fundamentally shifted. AV still matters, but identity protection is where the real battle is fought now.
• by Ed Brownlee
The CMMC Readiness Scorecard
A simple Red/Yellow/Green maturity test reveals whether you're actually prepared for assessment—or just hoping you are.
• by Rick Hernandez
Pitfall #4 – Evidence & Logging Failures
Why deploying security controls isn't enough — CMMC Level 2 requires objective evidence you can prove through documentation and repeatable processes.
• by Rick Hernandez
Pitfall #3 – The Access Control Gap
Access Control and Identification & Authentication represent a large portion of CMMC requirements — and where many organizations quietly fall behind on evidence.
• by Rick Hernandez
AI Governance: Unlocking Benefits While Avoiding Disasters
AI offers incredible productivity gains, but without proper governance, it can amplify disasters instead of solving problems. Here's how to get the benefits without the breakdowns.
• by Ed Brownlee
Pitfall #2 – Access Control & Identity Gaps
Where CMMC assessments fail on access control, and a practical maturity model for evaluating your organization's identity governance.
• by Rick Hernandez
Pitfall #1 – No Executive or Board Ownership
Why CMMC Level 2 failures almost always trace back to one missing element: leadership accountability.
• by Rick Hernandez
The Illusion of 'We're Probably Fine'
Why CMMC Level 2 isn't an IT problem—it's a leadership accountability problem.
• by Rick Hernandez
A Rough Year for Edge Security
The last 12 months have exposed some serious holes in firewalls, VPNs, and SD-WAN equipment. Here's what IT teams need to know.
• by Ed Brownlee
Why Email Classification Matters More Than You Think
Most organizations don't realize they have a classification problem until an audit or legal request surfaces it. Here's what we've learned from helping teams get their email house in order.
• by Chris Sewell
Want to discuss these topics?
Our team is available to help you navigate security, compliance, and IT challenges.
Contact N2CON