CPCSC Level 1 Is a Self-Assessment. That Doesn’t Make It Simple.
There’s a version of the CPCSC Level 1 story that sounds almost reassuring. It’s a self-assessment. Thirteen security requirements. You check the boxes yourself, submit
CPCSC or CMMC? If You Sell to Both Governments, Plan for Both
For Canadian companies that sell into the US defence supply chain, the past two years have been a study in regulatory parallel processing. The US
CPCSC Is Live: What Canadian Defence Suppliers Need to Know
Canada’s defence industry has been watching CPCSC come down the pipe for two years. As of April 2026, it’s here. The Canadian Program for Cyber
DLP vs. DSPM: Understanding the Evolution of Data Protection
For years, Data Loss Prevention (DLP) was the default answer to the question “how do we keep sensitive data from leaving our organization?” And it
DDoS Attacks Are 70% Larger—And Your Perimeter Defense Wasn’t Built for This
For years, the conventional wisdom around DDoS mitigation was relatively straightforward: upstream providers absorb the bulk of volumetric attacks, and enterprise-side defenses handle the rest.
Post-Quantum Cryptography: Why Your 5-Year Security Roadmap Might Already Be Obsolete
There’s a comfortable assumption baked into most enterprise security roadmaps: that the cryptographic foundations underpinning everything—TLS sessions, VPNs, digital signatures, key exchanges—will hold for at
AI Agents With Full Computer Access: Security Implications Most Organizations Aren’t Ready For
The AI agent era isn’t a future state anymore. It’s arriving now. Over the past several months, the major AI labs have been racing to
Why the Best Security Programs Start With Adversary Simulation
There’s a persistent belief in enterprise security that if you check enough boxes, you’ll be safe. It’s comforting. It’s orderly. And it’s wrong—not because compliance
Red Team vs. Purple Team: Which Does Your Organization Actually Need?
There’s a question that comes up constantly in conversations with security leaders: “Should we run a red team engagement or a purple team exercise?” It
How to Build a Cyber Risk Quantification Program That Actually Informs Business Decisions
There’s a dirty secret in cybersecurity governance: most cyber risk quantification (CRQ) programs fail to deliver on their promise. Not in the dramatic, headline-grabbing sense—they
When OT Meets the Parking Lot: Why Vehicle Cybersecurity Can’t Be Ignored
We tend to think of cybersecurity in terms of servers, endpoints, and cloud environments. But there’s a class of networked computer that most organizations park
AI Won’t Replace Cybersecurity—But It Will Replace Cybersecurity That Ignores AI
When Anthropic’s Claude Cowork capabilities spooked the broader software sector in late January and early February 2026, cybersecurity stocks got swept up in the panic.
The $1 Trillion Software Selloff and What It Means for Cybersecurity
In early February 2026, US software stocks shed roughly $1 trillion in market value over the course of a single week as investors reassessed what
Early 2026’s Breach Disclosures Reveal the Real Cost of Data at Scale
Sometimes a single breach dominates headlines for weeks. Other times, several disclosures land in rapid succession, and the cumulative picture they paint is more revealing
Your LLM Infrastructure Is Already on Attacker Target Lists
If you’re running large language models in production, you need to understand something uncomfortable: you’re probably already on someone’s list. Not a theoretical future threat
CISOs Are Now Chief Resilience Officers, Leading Companies Through the AI Security Paradox
The boardroom conversation has changed. When executives discuss artificial intelligence in 2026, they’re not asking whether to adopt it—they’re demanding faster deployment. Marketing wants AI-powered
IAM Automation Is Fraught, But Increasingly Necessary. Here’s How to Approach It.
Identity and access management (IAM) has reached a curious inflection point. On one hand, the sheer scale of modern enterprise identity management—with hundreds or thousands
ICS and OT Systems are Becoming More Frequent Cyber Attack Targets
The term “cyber attack” brings ransomware and stolen data to mind, but today there’s a quieter yet equally devastating war being waged against industrial control
Identity-Focused Attacks Are a Trend—Here’s How They Work and What To Do About Them
In today’s digital landscape, a single set of valid employee credentials can be all an attacker needs to infiltrate an organization, navigate through its systems,
Cybersecurity Awareness Month 2024 Provides Four Simple Steps to Secure Our World
In today’s technology-driven world, Cybersecurity Awareness Month serves as an important reminder of the proactive steps we can all take to safeguard ourselves, our families,
Uncovering Hidden Threats: The Crucial Role of Penetration Testing in Cybersecurity
In the digital age, where data breaches and cyberattacks are increasingly common, safeguarding your organization’s digital assets isn’t just an option—it’s a necessity. While many
Plurilock Critical Services Mobilizes Rapidly—and This Transforms Outcomes
Cyber threats are evolving faster than ever. From sophisticated ransomware attacks to state-sponsored espionage, the speed at which an organization can respond to risks and
How Many Vendors Are Represented In Your Environments?
Our Critical Services team routinely encounters environments populated by multiple products from multiple vendors and multiple VARs or suppliers. In some cases, we encounter networks
Plurilock AI is a Quadrant Gold Medalist for the Fifth Year Running
Don’t look now, but Plurilock AI has been named a quadrant gold medalist for the fifth year running by Info-Tech and SoftwareReviews.com. Products from lumbering
Plurilock Critical Services Delivers the Capabilities You Need in a World of Increasing Risk
Data and security breaches. Regional warfare. Natural disasters. Pandemics and social crises. Supply chain instability and opacity. These are challenging times in technology. The rates
Pairing World-class Services with a World-class VAR Gives Plurilock—and You—Key Advantages
At Plurilock we’re both a consultant and services provider (through our Plurilock Critical Services unit) and a large technology reseller with millions and millions of
How GDPR, CCPA, HIPAA, and Other Data Privacy Standards Safeguard Our Digital Lives
In the digital age, our lives are more connected than ever. We shop online, communicate through social media, store personal photos in the cloud, and
Fortifying Education: A Guide to Cybersecurity Resources for K-12 Schools
In the rapidly evolving landscape of digital education, the role of cybersecurity in K-12 schools cannot be overstated. As educational institutions increasingly rely on technology
Bridging the Gap: The Challenge of Finding Cybersecurity Allies in the Midst of Crisis
In an era dominated by technological advancements, our dependence on digital infrastructure has never been more pronounced. However, with this increased reliance comes an elevated
No, Cybersecurity Isn’t Beyond the Reach of Small Businesses and Organizations
If you’re a small business, a small organization of any kind, or an organization that lives at something of a remove from Wall Street and
A Call for Responsible Governance of AI Use
In the dynamic realm of artificial intelligence (AI), organizations find themselves at a pivotal juncture, tasked with finding a way to balance innovation and accountability.
Learning Technology in K-12 Schools Poses Unique Cybersecurity Challenges
Learning technology in K-12 schools poses unique cybersecurity challenges that aren’t often considered by the broader cybersecurity industry. Chrome OS is incredibly important in education,
The Unparalleled Security Dance: YubiKey and Plurilock AI Cloud
At Plurilock, we understand the paramount importance of cloud security, and our mission since the beginning has been to pioneer innovative and agile solutions for
Empowering Insurance: The Role of Generative AI and AI Guardrails
In recent years, the insurance industry has undergone a transformative journey, leveraging cutting-edge technologies to enhance efficiency, accuracy, and customer experience. Among these technologies, generative
Lithium and Cobalt Supplies Are Among the Cybersecurity Battlegrounds Emerging due to Electrification
“Electrification” is one way to describe the fact that more things in the real world than ever before are now computing systems under the hood.
How Digital Fatigue Turns Employees into Cyber Risks
In an era dominated by digital communication and information overload, the modern workplace is grappling with a silent adversary—digital fatigue. A recent study by CybSafe
How to Navigate the Generative AI Frontier—and Ensure AI Safety and Security in Your Business
In an era where innovation and technology are at the forefront of business operations, the integration of generative AI has become a game-changer for countless
Social Engineering Attacks in Today’s World: A Looming Threat to Organizations
In today’s interconnected world, the threats that organizations face are evolving at an unprecedented pace. While cyberattacks and data breaches have long been a concern,
Password Managers Don’t Replace SSO, and This is Why
We’ve been stuck with username-password identity for decades, and in 2023 everyone knows a few truisms about them: Users tend to pick relatively insecure passwords
Alert Fatigue Remains a Problem—and Needs a Different Class of Solutions
The average cost of a data breach in 2022 reached a record $3.86 million, yet the average time to identify and contain a breach was
Cybersecurity’s Women are Breaking Barriers, Leading the Way—But We Need More of Them
In today’s interconnected world, where cyber threats are on the rise, the need for skilled professionals in the field of cybersecurity has never been greater.
“Shadow AI” Is Becoming a Problem in IT, and It’s Going to Get Worse
Generative AI has seen explosive growth in popularity this year. Platforms like ChatGPT and Bard are quickly becoming go-to tools for everyday work—at the same
Announcing Early Access Program Availability of Plurilock AI PromptGuard
The first half of 2023 has seen explosive growth in AI adoption. Employees across every sector of the economy are finding ways to use platforms
AI Means Companies are Leaking More Confidential Data Than Ever Before
Once a matter of science fiction, artificial intelligence (AI) has now been seamlessly integrated into our lives. Open your phone with facial recognition? AI. Use
Cyberattacks are Increasing in This Surprising Sector
When I mention the terms “ransomware attack” or “data breach,” what’s the first sector or business you think of? Most likely your answer was a
Who is Lapsus$?
Who is Lapsus$? After claiming responsibility for high-profile attacks on major corporations like Microsoft, Okta, Samsung, Ubisoft, and NVIDIA at the beginning of 2022, the
Cybersecurity Positions and the Need To Think Differently
Introduction In the 1993 film Rookie of the Year, coach Larry Fisher, thinking differently while fighting to save his club from the ignominy of a
Behavioral Biometrics and Passive Identity Authentication in Support of Zero Trust Architecture
A zero-trust security architecture has a minimized threat surface and more control over authentication and user access. It is a reliable security approach for countering
Behavioral Biometric Systems: Privacy-Friendly, Less Risky, More Compliant, and More Secure
Many organizations today depend on digital services and data to run daily operations and ensuring the privacy of critical data and information systems is now
Zero Trust, the Workplace, and Post-COVID: 5 Questions Answered
Zero trust. Those two words are gaining ground as businesses continue to weather the pandemic. COVID-19’s sudden impact in 2020 tested organizations’ ability to adapt