Virtru

Vanguard (noun): The forefront of an action or movement. In data security, a vanguard is one who understands that protecting sensitive information wherever it travels isn't just best practice. It's foundational to mission success, business resilience, and secure collaboration. They're not following the evolution of cyber threats and regulatory demands. They're staying ahead of them. Introducing the 2025 Virtru Vanguard Award Winners: customers and partners who have demonstrated exceptional innovation and leadership in advancing data-centric security across education, healthcare, government, and beyond. Congratulations to our winners: CUSTOMER AWARDS Education: Dennis Neil & brian cors, University of Michigan State & Local Gov: Troy Richards, State of Georgia Federal Gov: Craig Rudolph & @Joe Piscuili, General Dynamics Information Technology IT/Telecom/Manufacturing: Shaun M., HII Virtru Advocates: Cameron B. & 💀 Bunny Hernández Banowsky, SHE BASH LLC PARTNER AWARDS Partner of the Year: GuidePoint Security Technology Partner of the Year: Daniel Nickolaisen, Abnormal AI Read the full press release: https://lnkd.in/ebRkHUFV Matt Sack | Matthew Howard | Carissa Nee | John Ackerly | Nicholas Michael

What does a CMMC Level 2 assessment actually look like from both sides of the table? Join us next week, January 21 at noon EST for a debrief with: 👤 Will Clary (AXIOTROP, LLC) – C3PAO Lead Assessor 👤 Andrew Lynch (Virtru) – VP of Sales with boots-on-the-ground CMMC experience They're sharing hard-won lessons from opposite sides of the process: • Pre-flight checks: aligning teams, tools, and artifacts before the clock starts • Scoping that sticks (data flows, inherited controls, boundaries) • SSPs, procedures, configs, screenshots—what passes and what gets flagged • Timeline realities and how your team's interview performance matters more than you think • Lessons learned and what to do differently Save your spot today: https://lnkd.in/erkteR2c

Thank you to Thomas J for this comprehensive look at ACP-240, Project Olympus, and Operation HIGHMAST. This article captures the paradigm shift happening in coalition warfare: 'Every data object carries its own encryption, tags, and access logic. Policies follow the data, not the perimeter.' Grateful to be part of this journey and to see ZTDF moving from pioneering concept to operational doctrine. The future of coalition interoperability is data-centric. Highly recommend the full read—link in the article above: https://lnkd.in/eZ44B6Gz

Enterprise or enclave? It's one of the first and most consequential decisions DoD contractors face on their CMMC journey. Peter Nancarrow, our VP of Cloud Operations Engineering, will be joining a panel discussion at CUI-CON (Feb 12 | 1:30-2:30 PM) to debate different architectural approaches and tackle the real challenges: scope, complexity, cost, and long-term sustainability. He'll be joined by Moderator Stuart Itkin (FutureFeed), Noël Vestal (Aethon Security), David B. (KTL Solutions, Inc.), and Tobias Musser (MNS Group). It's a working session designed to help contractors think through their options with nuance—and the panel is taking questions directly from the audience. Register for CUI-CON here: https://lnkd.in/egCsnmDB Already attending CUI-CON? Add this to your agenda. 📋 #CUICON #CMMC #CyberArchitecture #DoD

We're looking for a Graphic Design intern to join us on the Brand & Marketing team this summer at Virtru ! 🎨 If you (or someone you know) are passionate about design and want to spend the summer building meaningful work, we’d love to hear from you! 👉 Apply here: https://lnkd.in/ePmvC5Ek 📣 Or share with your network!

CrowdStrike just acquired SGNL. Palo Alto Networks grabbed CyberArk. The new message: identity is the new perimeter. But there's a problem. You're building walls around data that's designed to leave. The second an authorized user exports that file, every identity control becomes irrelevant. Identity security is not the same as data security. And if you're conflating the two, you're leaving open a massive gap. Get Matthew Howard's full analysis here: https://lnkd.in/eNaCJSYJ

Maya HTT just proved that you can achieve CMMC Level 2 compliance without GCC High. They scored 110 out of 110 controls on their first assessment. As a Canadian company with U.S. employees, GCC High wasn't available to them. Their solution combined Virtru encryption in Outlook with Azure AD conditional access policies that restricted CUI access to authenticated U.S. personnel. The assessors validated the approach. Perfect score on the first try. This matters because many contractors believe GCC High is their only option for CMMC compliance. Maya HTT demonstrates a different approach that works and costs less. Christopher Augoustis did outstanding work preparing Maya HTT for their assessment. Read the full case study here: https://lnkd.in/eQ_gTwYN Andrew Lynch | Stephen Duffy

The DoD contractor community is facing one of its biggest transformations yet and events like CUI-CON (Feb 11-13) are where the real conversations happen. Virtru will be there with our FedRAMP Authorized platform built for protecting CUI at rest and in transit. Want to talk through your specific architecture questions? Book time with our team at the conference: https://lnkd.in/ecs8dbjK #CUICON #CMMC #DoD #CyberSecurity #NIST Will Smith | Billy Jones | Peter Nancarrow

CMMC Level 2 assessments are expensive to fail. The difference between passing and scrambling for a re-assessment often comes down to a handful of avoidable mistakes. On January 21 at 12 PM EST, we're hosting a webinar with and Will Clary, C3PAO Lead Assessor at AXIOTROP, LLC and Virtru's Andrew Lynch. They'll cover: • Are pre-assessments actually worth the investment? • How to scope CUI enclaves without overcomplicating (or under-protecting) • The evidence formats that map cleanly to NIST 800-171A • Interview prep: how your team can help or hurt your assessment If you're prepping for CMMC Level 2 or advising clients who are, don't miss this 60 minute webinar. Register today: https://lnkd.in/erkteR2c #CMMC #NIST80171 #DIB #GovCon #CyberCompliance #RiskManagement

Tired of CMMC conversations that prioritize compliance theater over real security? On February 18th, we're bringing together the practitioners who are actually doing the work (assessors, C3PAOs, DIB leaders, and policy voices) for a vendor-neutral discussion that matters. Outcome-driven and practitioner-led. Join us for: → Expert panel discussions on what CMMC readiness really means → Face-to-face networking with DC's defense community → Practical guidance you can actually implement This is the inaugural DCMMC event, a new kind of CMMC community focused on credible security outcomes for the Defense Industrial Base. Spots are limited. Details + registration here: https://lnkd.in/eiegHMth #CMMC #DefenseIndustry #Cybersecurity #DIB #CMMCReadiness Juan José Salinas | Stuart Itkin | Andrew Lynch | Derrich Phillips, Lead CMMC Certified Assessor, ATP | Heather Siemens | Carissa Nee | Matthew Howard