Showing posts from September, 2017


#BestTechWorkCulture Last night, GRIMM attended the 3rd Annual DC  Timmy Awards . The Timmy Awards recognize and celebrate the technology work culture that actively promote creativity, innovation, and learning in the DC area. GRIMM was named a finalist leading into the event and we’re thrilled to have been ultimately recognized as the First Runner-Up for Best Tech Work Culture! The evening was filled with energy and camaraderie as companies across the region came together to celebrate the innovative leadership embodied by the greater DC tech community. We were thrilled to be recognized among so many other great organizations in the region, especially as we continue to raise the collective profile of the DC tech scene. When I started GRIMM, I had a vision to tackle the greatest cybersecurity challenges that face our clients, industry and the greater business and government communities. Five years later, we have grown a dynamic and passionate team who strives to make a better wo

HAX and GRIMM’s Internship Programs

HAX and GRIMM’s Internship Programs One of the reasons I chose to come to GRIMM after leaving federal service earlier this year was because of one of the core principles held by the rest of the GRIMM Leadership team. That is the importance of educating the general public on the inherent cybersecurity risks in nearly everything touched on a daily basis, and of enabling future generations of cybersecurity experts, software developers, and computer engineers to solve these security challenges, as well as those of the future. Having been intimately involved with these challenges, as I worked on workforce development and training at the Department of Defense for the better part of the past decade, with an increasing global skill shortage to boot, this isn’t exactly an easy task, but something at GRIMM we try to chip away at. One of the tactical ways we do this is with a robust internship and mentorship program. This past summer, GRIMM had five amazing interns – three in our Northern Vi

A Three-Step Approach to Threats: What All Organizations Should Know (but Equifax Doesn’t)

A Three-Step Approach to Threats: What All Organizations Should Know (but Equifax Doesn’t) Within the context of historical cyber breaches, this can be classified as a massive attack: Equifax, one of the “big three” credit-rating agencies, announced earlier this month that  hackers gained access  to the Social Security numbers, credit card data, driver’s licenses, home addresses and other personally identifiable information (PII) of up to 143 million Americans. Some  two-dozen class-action lawsuits  (and counting?) followed, along with stinging criticism from consumer groups and congressional leaders. A vulnerability in the open-source framework, Apache Struts, is believed to be one of the causes of the hack. When using open-source products, you need to look beyond the immediate free price to the long-term implications: how will you maintain their function and security. Part of this is a commitment to actively participate in the community to contribute to the software’s continued