NTLMv1 is ancient. NTLMv2 is aging. Kerberos is king. If you're still relying on NTLM for Windows auth, you're giving attackers a way in — relay, replay, pass-the-hash. 📌 Audit. Migrate. Harden. hubs.ly/Q03XZp4W0

Compliance frameworks (CIS, NIST, PCI, HIPAA…) expect baseline hardening — and ignoring GPO hardening leaves you exposed. Make it standard in your next audit. hubs.ly/Q03Y4Qny0

Local login: fine. But “interactive” login = direct path to your endpoint. If you’re not forcing secure login (Ctrl‑Alt‑Del, no cached creds, smart‑card or MFA) — you’re leaving a door open. Close it. 🔐 #CyberSecurity #EndpointSecurity #IAM hubs.ly/Q03XBnDn0

Want to know how your configuration hardening maps to real-world attacker behavior? 🔍 CIS Benchmarks + MITRE ATT&CK = meaningful mapping of secure configs to attacker tactics & techniques. Great way to see what you actually defend against. hubs.ly/Q03XBngV0

2025 has been a doozy for cybersecurity. More breaches. More AI uncertainty. Bigger attack surfaces. Our CEO @MatthewAlbum on what must change in 2026. hubs.ly/Q03YhWGd0

CIS + MITRE ATT&CK = stronger together. CIS gives you configuration hygiene. ATT&CK gives you adversary context. Use both to turn compliance into actual defense. hubs.ly/Q03XBnF90

Manual hardening is error‑prone and doesn’t scale. Use automated GPO baselines to enforce consistent security across your estate — and sleep easier at night. hubs.ly/Q03XBm6L0

Heads-up: poorly configured interactive logon settings leak usernames, enable brute‑force and credential‑dump attacks, and undermine compliance. Review your GPOs today — don’t let convenience trade away security. hubs.ly/Q03XBmz80

NTLM: one-way handshake. Kerberos: mutual trust with tickets. Guess which one attackers prefer? 👉 Kill legacy auth. Use Kerberos. hubs.ly/Q03XBnDp0

Hardening with CIS is just step one. Overlay MITRE ATT&CK to: ✅ Identify gaps in control coverage ✅ Prioritize what to harden next ✅ Understand which attacker techniques you mitigate If you care about real‑world resilience, don’t skip the mapping. hubs.ly/Q03XBnw_0

CIS shows you what to harden. MITRE ATT&CK shows you why it matters. Mapping them turns compliance into real-world defense. hubs.ly/Q03XBmtw0

This week on Ask Your SysAdmin: – Ask if they’re ok – Ask what they need – If they’re not on call, encourage them to log off Systems don’t maintain themselves. Neither do the people who maintain them. Happy holidays, whatever you celebrate.

🎉 CMMC is now enforceable. If you're planning to sell anything to the DoD in 2026—from bolts to ball bearings—you’ll need to be certified before you bid. New blog: what the rule means, what Level 2 requires, and why baseline hardening matters. hubs.ly/Q03Z9PZL0

🚨 Kicking off 2026 with a warm welcome to Dean Roberts our new Account Director for the UK & Ireland! 🇬🇧 12+ years in IT sales, 9 in cyber, and a passion for helping orgs secure their baseline. Plus: 4 kids, 3 cats, 1 dog, and a fabulous golf swing. Welcome to CalCom, Dean!

Sometimes compliance auditors take their work too seriously. This appeared in "Drift Happens" the CalCom newsletter. Sign up our website to get original gems like this, sharp takes on cybersecurity, compliance, and server hardening in your inbox. hubs.ly/Q040Dnh80

hhs.gov/hipaa/for-prof… OCR’s Jan 2026 newsletter spells it out: HIPAA-regulated entities must harden systems, manage vulnerabilities, and set security baselines to protect ePHI.

This great ZDnet article is aimed at consumers which is not our usual focus but we appreciate the link to our WannaCry post from a while back, and your effort to raise awareness. hubs.ly/Q040DpbH0

🎉Hey everyone, CalCom is growing again! Please welcome Omri Henderson-Mayo our new Operations Manager. Omri’s here to keep our business units running seamlessly, and he’s already made a difference in week one finding the friction and smoothing it over.

Want to know how your configuration hardening maps to real-world attacker behavior? 🔍 CIS Benchmarks + MITRE ATT&CK = meaningful mapping of secure configs to attacker tactics & techniques. Great way to see what you actually defend against. hubs.ly/Q040DnrX0

Back from CybertechTLV. great energy and sharp conversations all around. Our CEO, Matthew Album, hit the floor to connect with folks solving real problems in cyber. If we missed you, let’s talk compliance, hardening, and ops resilience.