Information Technology Navigator

Microsoft is introducing a new detection capability in Microsoft Defender for Office 365 to help protect your organization from a growing threat known as email bombing. This form of abuse floods mailboxes with high volumes of email to obscure important messages or overwhelm systems. The new “Mail Bombing” detection will automatically identify and block these attacks, helping security teams maintain visibility into real threats.

Email bombing is a tactic to hide important emails by flooding your inbox with irrelevant ones. For instance, an attacker might order expensive items using your Amazon account and bury the confirmation emails. If you own a domain, they could be trying to transfer it. They may also hide transaction confirmations if they accessed your bank or financial accounts. Ultimately these attacks are designed to distract you, the target, from the “real” email they do not want you to see.

Read More

In today's threat landscape, identity is the new perimeter—and for most organizations, Microsoft Active Directory (AD) and Entra ID (formerly Azure AD) are that perimeter. When compromised, these systems expose everything: users, access, applications, and core business operations. For CISOs and IT leaders tasked with securing and sustaining identity services, traditional recovery methods often fall short—too slow, fragmented, or insecure for today's hybrid enterprises.

Rubrik’s Hybrid Identity Recovery delivers the speed, visibility, and resilience modern organizations require, enabling businesses to bounce back quickly from ransomware, insider threats, or operational failures—without reintroducing risk.

The Threat Landscape is Escalating:

Read More

Microsoft is making changes to their Secure Future Initiative (SFI) and the principle of “Secure by Default.” The updates to Microsoft 365 default settings will strengthen your tenant’s security and meet essential benchmarks. These changes focus on addressing vulnerabilities associated with outdated authentication protocols and app access permissions that could increase risks to organizations.

When this will happen:

These changes will begin rolling out in mid-July 2025 and are expected to be completed by August 2025.

How this affects your organization

The following settings will be updated:

Read More

The Cybersecurity Maturity Model Certification (CMMC) is on track to become a core requirement for defense contractors. However, before CMMC can be included in Department of Defense (DoD) contracts, a key regulation must take effect: Title 48 of the Code of Federal Regulations (48 CFR).

If your organization does business with the DoD—or hopes to—you need to understand this rule and how it will impact your eligibility to win and maintain government contracts.

What Is 48 CFR?

48 CFR is part of the Federal Acquisition Regulation (FAR) System, which governs how the federal government procures goods and services. Within this system, the Defense Federal Acquisition Regulation Supplement (DFARS) adds DoD-specific rules. The 48 CFR rule specifically integrates CMMC 2.0 into the DFARS. In short, this rule establishes cybersecurity requirements as a contractual obligation—not just policy guidance.

How 48 CFR Connects to CMMC 2.0

Read More

Pure recently launched its Pure Storage AI Copilot, which uses telemetry and AI models to assist IT teams in diagnosing performance issues, detecting security incidents such as ransomware, and simplifying storage management. This natural language assistant enables customers to check array performance, identify capacity concerns, and assess data security compared to their peers. It offers a significant advancement in troubleshooting and remediation for storage administrators.

AI Copilot Key Capabilities:

• Natural Language/Conversational Interface
  Ask plain-English questions (e.g., “Which volumes have high latency?”) and receive clear, actionable answers and remediation steps.
• Troubleshooting
  Automatically diagnoses storage performance issues such as latency, utilization, or hardware issues through step-by-step AI-guided analysis.
• Cyber Resilience & Security

Read More

Earlier this month, Pure Storage and Nutanix announced a partnership to deliver a deeply integrated solution that delivers operational efficiency for storage-intensive workloads, including AI applications. This combined solution brings together Nutanix hyperconverged infrastructure (HCI) integrated with Pure’s high-performance FlashArray.

Daymark has longstanding, strategic channel partnerships with both Pure and Nutanix. We’re excited about how this integrated solution can help our customers maximize their investments by providing a modern and simplified IT infrastructure. Here are highlights of the newly announced features and benefits:

Simplified Infrastructure with Maximum Performance

Read More

Is your organization ready to modernize its security operations with Microsoft Azure Sentinel — but unsure where to start? Whether you're just beginning your Sentinel journey or looking to maximize your existing investment, Daymark’s expert-led Proof of Concept (PoC) provides the hands-on experience and technical guidance you need.

Protecting your organization from sophisticated cyber threats requires more than isolated tools and fragmented systems. Microsoft Azure Sentinel — a cloud-native Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solution — offers a unified approach to modern security operations — but success depends on knowing how to deploy and use it effectively.

Read More

Is your organization struggling to balance mobile security with employee productivity? Are you confident that only secure, compliant devices can access your business applications? You are not alone. In today’s hybrid and mobile-first work environment, organizations face the challenge of securing corporate data while ensuring employees can work efficiently from anywhere. Without a comprehensive mobile device management (MDM) solution, companies risk data breaches, unauthorized access, and compliance violations.

Daymark’s Microsoft Intune Workshop

Daymark is here to help. With our Microsoft Intune Workshop, your organization can learn how to gain complete control over mobile security, streamline IT operations, and empower your workforce with seamless and secure access to business applications—no matter where they work.

Read More

In today’s cloud-driven world, controlling cloud costs without sacrificing performance is a key challenge. Microsoft Azure FinOps (Financial Operations) is a framework that brings a strategic approach to managing cloud expenditures, transforming it from a guessing game into a structured process. For businesses utilizing Azure, learning FinOps fundamentals can unlock new cost-saving opportunities and enhance collaboration across finance, IT, and business teams.

Daymark Solutions’ comprehensive Azure FinOps workshop offers hands-on labs, expert-led discussions, and interactive exercises designed to teach critical cost management skills. Participants dive into rightsizing Azure resources, managing orphaned resources, and leveraging Azure’s unique cost-saving options like Azure Hybrid Benefit, Reserved Instances, and Azure Savings Plans. Each session balances theory with practical exercises to build a solid foundation for financial governance within Azure environments.

Read More

On October 15, 2024, the final rule for the Cybersecurity Maturity Model Certification (CMMC) program was officially published. This rule, codified as 32 CFR, becomes effective on December 16, 2024. The CMMC journey began in 2019 with DFARS Case 2019-D041, and after four years of development, the rule is now finalized. Let’s take a look at the history of the CMMC timeline, what's to come, and how organizations can prepare for what is next.

CMMC Rulemaking Timeline

The rulemaking process illustrated in the graphic below shows a high-level workflow from the Government Accountability Office (GAO).

Figure 1: GAO Federal Rulemaking

Read More