If your organization operates in the defence supply chain, CMMC 2.0 and CPCSC compliance are becoming essential for maintaining and winning contracts. Ammolite Security makes the process clear and achievable. Our team of defence-aligned cybersecurity experts works alongside you to identify gaps, protect sensitive information, and build a practical, efficient path to compliance that fits your organization. As requirements are rapidly being enforced across the supply chain, acting early can be the difference between winning and losing contracts.

What sets Ammolite apart is the depth of expertise and real-world experience behind every engagement. Trusted by organizations across defence, government, and critical infrastructure, we deliver more than compliance. With advanced capabilities in AI-driven risk analysis, quantum-resilient security, and secure communications, we help position your organization as a trusted, resilient partner.

We are currently supporting organizations preparing for CPCSC compliance, including those exploring potential grant funding opportunities.

If your organization is exploring these opportunities, email us at info@ammolitesecurity.com to start the conversation with our team.

Know where you stand before compliance requirements impact your contracts.

Stryker Attack Raises Concerns About Role of Device Management Tool

Researchers warn that Microsoft Intune may have been weaponized to wipe critical devices.

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

Threat Groups Target Cyber-Physical Systems to Disrupt Critical Infrastructure Providers

The Iran war has raised concerns that key industrial sectors could be the target of hacktivists, state actors, and other groups.

A DarkSword Hangs Over Unpatched iPhones 

Researchers at Google have identified an iOS exploit chain, named DarkSword, that has been used since late last year by multiple actors to infect iPhones with malware in targeted attacks. 

Empower Your People. Strengthen Your First Line of Defence with Corporate Training.

Cyber threats are increasing in speed and sophistication, with the average cost of a cyberattack now exceeding $300,000. Your strongest defence is an informed, prepared workforce. 

Ammolite Security delivers customized corporate cybersecurity training designed to help your team: 

• Recognize threats early 

• Respond with confidence 

• Reduce human risk across your organization 

Led by experts with backgrounds in defence, law enforcement, and adult education, training is hands-on, engaging, and tailored to your organization. Programs can be delivered virtually or on-site through workshops, simulations, labs, and applied exercises. 

Build a cyber-aware culture and strengthen your first line of defence.

CyberAlberta has issued a threat intelligence advisory warning Canadian organizations to review their cybersecurity posture following the February 28 military strikes against Iran by the United States and Israel.

The advisory notes that Iranian-aligned cyber threat actors may respond with cyber-enabled operations targeting organizations in allied countries, including Canada. These activities could include spear phishing campaigns, exploitation of known vulnerabilities, ransomware and extortion operations, Distributed Denial of Service (DDoS) attacks, and disruptive website defacements.

Organizations operating in sectors such as energy, oil and gas, and critical infrastructure may face increased risk, particularly those with supply chain ties or operations in the Middle East.

CyberAlberta recommends that organizations review their cybersecurity posture and ensure that vulnerabilities are identified and mitigated before they can be exploited.

You can review the full CyberAlberta Threat Intelligence Report here:

The Conduent Breach: from 10 Million to 25 Million (and Counting)

The Conduent breach has quietly grown into one of the biggest third-party data incidents in U.S. history, and the real story now is how many different programs and employers are swept up in it, even for people who have never heard of Conduent.

CISA Adds Two Known Exploited Vulnerabilities

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates

Both sides conduct hacking and other attacks, including the deployment of wiper malware, DDoS, and disruptions to critical infrastructure.

Canadian Tire Data Breach Impacts 38 Million Accounts

Names, addresses, email addresses, phone numbers, and encrypted passwords were compromised in the attack.

Strengthen Your Cybersecurity Processes with Expert-Led Tabletop Exercises

Cyber incidents are evolving faster than ever, and the stakes continue to rise. IBM's 2025 Cost of a Data Breach Report found that the U.S. average breach cost has reached a record $10.22 million, with critical infrastructure sectors among the hardest hit.

Ammolite Security's expert-led tabletop exercises give your organization a proactive way to strengthen readiness. Tailored for oil and gas, energy, and infrastructure sectors, these sessions simulate real-world threats and help leadership and IT teams identify gaps, improve response protocols, and make high-impact decisions before a breach occurs

Cyber threats are rising in speed and sophistication, and the average cost to remediate a cyberattack now exceeds $300,000. Your strongest defence is an informed, prepared workforce. Ammolite Security delivers customized corporate cybersecurity training that equips both technical and non-technical teams with the practical skills they need to recognize risks, respond confidently, and protect your organization from evolving threats.

Designed and led by industry experts with backgrounds in defence, law enforcement, and adult education, Ammolite’s training is hands-on, engaging, and tailored to your organization’s needs. Programs can be delivered virtually or on-site through workshops, simulations, labs, and applied exercises across areas such as cybersecurity, AI, cloud computing, systems design, and emerging technologies.

Build a cyber-aware culture across your organization and turn your people into your first line of defence. Book a complimentary 30-minute consultation with an Ammolite training expert to design a program that fits your team, schedule, and goals.

Russian Ransomware Hackers Allegedly Hit Tulsa Airport in Cyberattack, Dump Private Files Online as Proof

Russian ransomware operators Qilin have claimed to have broken into Tulsa International Airport and stolen an unspecified amount of sensitive company data.

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

Cyber Centre Releases Ransomware Threat Outlook 2025 to 2027

The Canadian Centre for Cyber Security (Cyber Centre), part of the Communications Security Establishment Canada (CSE), released its Ransomware Threat Outlook 2025 to 2027, its latest assessment of ransomware threats facing Canada.

CMMC 2.0 & CPCSC Compliance Support for Defence Subcontractors

CMMC 2.0 is now in effect under 32 CFR Part 170, with requirements being phased into defence contracts through 2028. If your organization handles Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), you may now need to complete a self-assessment or third-party audit to stay eligible for U.S. and Government of Canada defence work. 

Ammolite Security helps defence subcontractors prepare with confidence, offering practical CMMC and CPCSC readiness assessments, clear compliance roadmaps, policy and control development, training, and audit preparation. Our team makes complex requirements easier to understand and easier to meet.

Cyber incidents are evolving faster than ever, and the stakes continue to rise. IBM's 2025 Cost of a Data Breach Report found that the U.S. average breach cost has reached a record $10.22 million, with critical infrastructure sectors among the hardest hit.

Ammolite Security's expert-led tabletop exercises give your organization a proactive way to strengthen readiness. Tailored for oil and gas, energy, and infrastructure sectors, these sessions simulate real-world threats and help leadership and IT teams identify gaps, improve response protocols, and make high-impact decisions before a breach occurs.

Spanish Energy Company Endesa Hacked

Hackers stole complete customer information, including contact details, national identity numbers, and payment details.

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

BreachForums Database Breach Exposes Details of Over 324K User Accounts

The newest version of the infamous BreachForums cybercrime marketplace has reportedly experienced another security lapse, with its user database table appearing online.

Empowering Electric Utilities with NERC CIP Compliance

As cyber threats to critical infrastructure continue to grow, electric utilities face increasing pressure to meet NERC Critical Infrastructure Protection (CIP) requirements. NERC CIP compliance is essential to protecting the reliability of the bulk power system, reducing cyber risk, and avoiding significant regulatory penalties that can reach up to $1M per day per infraction.

Ammolite Security supports electric utilities with practical, regulator-informed NERC CIP solutions, including customized training, comprehensive gap assessments, and ongoing remediation support. Our consultative approach focuses on real-world implementation, helping organizations strengthen cybersecurity posture while achieving defensible, sustainable compliance.

CMMC 2.0 is now in effect under 32 CFR Part 170, with requirements being phased into defence contracts through 2028. If your organization handles Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), you may now need to complete a self-assessment or third-party audit to stay eligible for U.S. and Government of Canada defence work.

Ammolite Security helps defence subcontractors prepare with confidence, offering practical CMMC and CPCSC readiness assessments, clear compliance roadmaps, policy and control development, training, and audit preparation. Our team makes complex requirements easier to understand and easier to meet.

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw

Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.

Pro-Russia Hacktivists Conduct Opportunistic Attacks Against U.S. and Global Critical Infrastructure

Over the past several years, the authoring organizations have observed pro-Russia hacktivist groups conducting cyber operations against numerous organizations and critical infrastructure sectors worldwide.

Cybersecurity Concerns are Paramount Among Executives in Almost All Roles, Regions, and Industries

A new survey finds widespread agreement that security is one of the biggest challenges facing companies today.

Build A Cyber-Ready Workforce with Customized Corporate Training

Cyber threats continue to grow in cost and complexity, making employee awareness and capability a critical line of defence.

Ammolite Security delivers customized corporate cybersecurity training designed for both technical and non-technical teams, helping organizations reduce risk, upskill their workforce, and respond effectively to evolving threats. Led by defence and law-enforcement cyber experts and built by adult learning specialists, our flexible programs are delivered virtually or on-site and tailored to your organization’s needs, roles, and schedule.

Empower your people and strengthen your security posture.

Ammolite Security, in partnership with Myntex Inc., proudly represented Canada at NATO’s SHINE 2025 in Istanbul, Türkiye. Together with international collaborators, including the UK Ministry of Defence, Sma-RTy (Italy), Microamp (Poland), and ULAK (Türkiye), our team demonstrated a portable, quantum-resilient 5G network engineered to deliver secure, high-speed communications in contested and high-threat environments.

This multinational effort marks a pivotal step in advancing tactical communications, cyber resilience, and operational readiness for NATO and allied forces. Our work reflects Ammolite’s commitment to developing sovereign, secure, and future-ready technologies that strengthen defense and critical infrastructure across the globe.

Surge in £20k Keyless Car Theft Gadgets Sparks Security Concerns

Keyless car theft devices worth £20k fuel organized crime, prompting urgent legal action and renewed focus on vehicle security.

Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications

CISA is aware of multiple cyber threat actors actively leveraging commercial spyware to target users of mobile messaging applications (apps).

Ransomware Attack Disrupts Local Emergency Alert Systems Across US

The OnSolve CodeRED platform has been targeted by the Inc Ransom ransomware group, resulting in disruptions and a data breach.

Mounting Hacktivist Attacks Compromise Canadian Critical Infrastructure

BleepingComputer reports that online industrial control systems in critical infrastructure organizations across Canada were noted by the Canadian Centre of Cyber Security to have been subjected to intensified hacktivist intrusion.

Strengthen Your Cybersecurity Processes with Expert-Led Tabletop Exercises

Test your team’s response to real-world threats with an expert-led tabletop exercise from Ammolite Security. Identify gaps, improve coordination, and gain actionable insights to strengthen your defenses.

“Ammolite Security guided a structured and thoughtful session that helped us identify areas of strength and improvement.” — Cory Robbins, WCB Alberta

Ammolite Security, in partnership with Myntex, proudly represented Canada at NATO’s GLOW 2025 innovation event in Portugal, part of the NATO Innovation Continuum. Together, the companies demonstrated a post-quantum-secure communications platform designed to protect allied defenses against weaponized malware, spyware, and future quantum threats.

The joint experiment supports NATO’s 5G Testbed Portability initiative, delivering resilient, sovereign communications through a hardened mobile operating system, encrypted messaging, and portable infrastructure that operates independently of third-party cloud providers.

“Our collaboration with Myntex highlights the strength of Canadian innovation in addressing some of the world’s most pressing cybersecurity challenges,” said Cara Wolf, CEO of Ammolite Security.

“Amazing work from Ammolite Security and Myntex Inc. representing Alberta and Calgary in the NATO Innovation Continuum to accelerate the adoption of emerging and disruptive technologies across the Alliance,” said Nate Glubish, Alberta’s Minister of Technology and Innovation. “We are fast emerging as a global leader in cybersecurity, and it’s great to see that it is being noticed by NATO and NATO Allied Command Transformation (ACT).”

The project continues toward SHINE 2025 in Türkiye, where final demonstrations will showcase the next generation of secure, zero-trust communications for defense and critical infrastructure.

Hackers Extorting Salesforce After Stealing Data from Dozens of Customers

Salesforce says the extortion attempts are related to past unsubstantiated incidents, and not to fresh intrusions.

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on October 2, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. 

Canadian Airline WestJet Says Some Customer Data Stolen in June Cyberattack

The attack occurred during the same period when Scattered Spider had begun to pivot toward the aviation sector.

Strengthen Your Cybersecurity Processes with Expert-Led Tabletop Exercises

Test your team’s response to real-world threats with an expert-led tabletop exercise from Ammolite Security. Identify gaps, improve coordination, and gain actionable insights to strengthen your defenses.

“Ammolite Security guided a structured and thoughtful session that helped us identify areas of strength and improvement.” — Cory Robbins, WCB Alberta

The Department of Defense has finalized CMMC 2.0 rules, making certification a contract requirement starting November 2025. Contractors must now demonstrate the right CMMC level through self-assessments, certified third-party assessments, or DIBCAC reviews before being eligible for award. Delays, failed audits, or incomplete Plans of Action and Milestones (POA&Ms) can jeopardize both compliance and revenue.

Ammolite Security helps organizations stay ahead with CMMC pre-assessments and gap analyses. Our experts review your systems against all 110 NIST SP 800-171 requirements and 320 control objectives, identifying weaknesses before a formal audit uncovers them. You gain a clear roadmap, actionable recommendations, and the confidence that your security posture meets evolving DoD expectations.

By engaging Ammolite Security, your leadership team secures more than compliance. It builds resilience, protects reputation, and ensures eligibility for future contracts.

Jaguar Land Rover Admits Data Breach Caused by Recent Cyberattack

After announcing that the cyberattack-caused disruption to factories would continue, Jaguar Land Rover is now confirming a data breach.

CISA Releases Fourteen Industrial Control System Advisories

CISA released fourteen Industrial Control Systems (ICS) advisories on September 9, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. 

Emails and Phone Numbers Accessed in Cyberattack, Federal Government Says

The federal government says individuals’ email addresses and phone numbers associated with Canada Revenue Agency, Employment and Social Development Canada, and Canada Border Services Agency accounts were accessed in a cyberattack.

Corporate Training Course:

Artificial Intelligence for Cyber Defense

Transform your cybersecurity skills with our 12-week Artificial Intelligence for Cyber Defense course. This 360-hour program blends hands-on training, real-world case studies, and peer learning, preparing you to combat advanced cyber threats using AI. Earn certifications like Certified Ethical Hacker, CompTIA Security+, and ISACA, while gaining practical experience through labs and work placements.

Cyber incidents are evolving faster than ever, and the stakes continue to rise. IBM’s 2025 Cost of a Data Breach Report found that the U.S. average breach cost has reached a record $10.22 million, with critical infrastructure sectors among the hardest hit.

Ammolite Security’s expert-led tabletop exercises give your organization a proactive way to strengthen readiness. Tailored for oil and gas, energy, and infrastructure sectors, these sessions simulate real-world threats and help leadership and IT teams identify gaps, improve response protocols, and make high-impact decisions before a breach occurs.

Google Falls Victim to Salesforce Cyberattacks

Google has become the latest victim in extortion group ShinyHunter’s exploitation of Salesforce databases, as the tech giant has disclosed a breach of company data.

CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization

The purpose of this advisory is to highlight identified cybersecurity issues, thereby informing security defenders in other organizations of potential similar issues and encouraging them to take proactive measures to enhance their cybersecurity posture.

WestJet Says Some Passengers' Personal Information Stolen in Cyberattack

Airline says passport information was compromised, but no credit or debit card information.

Corporate Training Course:

The Foundations of Cybersecurity Webinar Series

The Foundations of Cybersecurity webinar series can be a valuable resource for anyone looking to grasp the basics of cybersecurity, whether they’re beginners seeking an introduction or professionals aiming to refresh their understanding of core principles.

Organizations managing essential services face complex and evolving cyber threats that can disrupt operations, compromise safety, and damage reputations.

Ammolite Security’s Cybersecurity Assessments offer a comprehensive evaluation of your current security posture, helping you identify vulnerabilities, validate compliance with frameworks like NERC CIP, CMMC, and ISO 27001, and implement effective safeguards.

Ensure your systems are resilient, responsive, and ready for what’s next.

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild - No Patch Available

Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell”, to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

Major Railroad-Signaling Vulnerability Could Lead to Train Disruptions

A newly disclosed vulnerability in train braking systems could let hackers remotely stop trains with relatively simple and inexpensive hardware, potentially causing derailments.

Corporate Training Course:

Foundations of IoT Security

As our world becomes more connected, so do the risks. The Foundations of IoT Security webinar series offers practical strategies to secure devices, protect data, and strengthen your organization’s digital infrastructure. Learn how to stay ahead of evolving threats and safeguard what matters most.

The evolving landscape of cybersecurity regulations demands that defense subcontractors meet the rigorous standards of the Cybersecurity Maturity Model Certification (CMMC) and the Canadian Program for Cyber Security Certification (CPCSC). These frameworks safeguard sensitive information, strengthen supply chain security, and enhance national defense resilience.

Achieving compliance requires more than technical solutions; it involves a comprehensive approach to assessing current practices, addressing gaps, and ensuring readiness for certification. Understanding where your organization stands today is essential for protecting data and long-term contract viability.

If you’re ready to take the next step in your compliance journey, we’re here to help with expert insights and tailored strategies.

North American Airlines Targeted by CyberAttacks

At least two North American airlines have been victims of criminal hackers recently as the FBI and cybersecurity companies warn that a notorious cybercriminal group has been targeting the aviation industry.

CISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical Environment

CISA, in collaboration with the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), released a Fact Sheet urging organizations to remain vigilant against potential targeted cyber operations by Iranian state-sponsored or affiliated threat actors.

Update Your Chrome to Fix New Actively Exploited Zero-Day Vulnerability

Google has released an update for its Chrome browser to patch an actively exploited flaw. This update is crucial since it addresses an actively exploited vulnerability which can be exploited when the user visits a malicious website.

Corporate Training Course:

Cybersecurity Professional Fast Track

The cybersecurity industry is growing rapidly, and the demand for skilled professionals has never been higher. Ammolite Security’s Cybersecurity Professional Fast Track course equips you with the essential skills, hands-on experience, and globally recognized certifications needed to secure high-paying, entry-level positions in this critical field. Over 8 weeks, you’ll gain real-world training, resume support, and career coaching, ensuring you’re ready to step into the workforce with confidence.

Cyber incidents continue to grow in scale and complexity, disrupting operations, compromising systems, and driving up costs. According to IBM's 2024 report, the average cost of a data breach is now $4.35 million, with critical infrastructure sectors like oil and gas, and energy among the hardest hit.

Ammolite Security's expert-led tabletop exercises are a proactive way to assess your organization's readiness, identify gaps, and improve response protocols. Tailored for oil and gas, energy, and infrastructure sectors, these sessions simulate real-world threats, providing your leadership and IT teams with a structured environment to make high-impact decisions before a breach occurs.

Our specialists bring industry-specific scenarios, objective insights, and practical recommendations designed to improve operational continuity and regulatory readiness.

FBI Issues Critical Cyberattack Alert - Act Now as Victims Skyrocket

The Federal Bureau of Investigation has issued a joint cybersecurity advisory in conjunction with the U.S. Cybersecurity and Infrastructure Security Agency, as the number of confirmed observed victims of Play ransomware attacks skyrocketed in May.

CISA Releases Four Industrial Control System Advisories

CISA released four Industrial Control Systems (ICS) Advisories on June 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

Ransomware Attacks Jumped 46% Across Industrial Sectors: Honeywell

Cybersecurity threats have increased across manufacturing, construction, and other sectors, including a surge in activity targeting agriculture and food production.

Corporate Training Course:

Artificial Intelligence for Cyber Defense

Transform your cybersecurity skills with our 12-week Artificial Intelligence for Cyber Defense course. This 360-hour program blends hands-on training, real-world case studies, and peer learning, preparing you to combat advanced cyber threats using AI. Earn certifications like Certified Ethical Hacker, CompTIA Security+, and ISACA, while gaining practical experience through labs and work placements.

Earlier this month, Ammolite Security participated in NATO IGNITE 2025 in Calgary — a key milestone within the NATO Innovation Continuum. The event gathered defense leaders, technologists, and innovators from NATO and partner nations to accelerate the development of emerging and disruptive technologies supporting global security and digital transformation.

Ammolite contributed its quantum-resilient Zero Trust data protection platform, designed to secure communications across complex environments, including subsurface operations and space. Our platform aligns with NATO’s goals of strengthening cybersecurity infrastructure and advancing secure communication frameworks.

“The collaboration we experienced at NATO IGNITE in Calgary was inspiring. The intelligence shared was truly cutting edge,” said Cara Wolf, CEO of Ammolite Security. “We’re honoured to contribute to this global mission and look forward to the next phases in Portugal and Türkiye.”

Participation in this initiative reflects Ammolite’s continued commitment to advancing cybersecurity technologies that meet the evolving needs of defence, critical infrastructure, and commercial sectors.

Is Your Organization Prepared for Alberta’s New Security Regulation?

Starting May 31, 2025, Alberta’s new Security Management for Critical Infrastructure Regulation will come into effect. Organizations in the petroleum and natural gas sectors must implement a Security Management Program that aligns with the CSA Z246.1:21 standard.

These requirements are mandatory. Failing to comply may lead to regulatory penalties and increased risk exposure.

Ammolite Security provides the assessments, program development, and implementation support needed to help your organization meet this new standard.

Read the full details in our latest blog post and take the first step toward compliance.

Production at Steelmaker Nucor Disrupted by Cyberattack

American steel giant Nucor disclosed a cybersecurity incident that bears the hallmarks of a ransomware attack.

CISA Releases Thirteen Industrial Control System Advisories

CISA released thirteen Industrial Control Systems (ICS) Advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

Corporate Training Course:

The Foundations of Cybersecurity Webinar Series

The Foundations of Cybersecurity webinar series can be a valuable resource for anyone looking to grasp the basics of cybersecurity, whether they’re beginners seeking an introduction or professionals aiming to refresh their understanding of core principles.

Gain clarity on today’s top cybersecurity challenges. Our upcoming events and webinars deliver the knowledge and tools your organization needs to respond with confidence.

Webinar: Supply Chain Security in the Age of AI and OT
(May 9th, 2025 - 12:00 PST / 1:00 MST / 3:00 EST)

Hosted by the Alberta IoT Association, this session explores how AI-powered monitoring is transforming third-party risk management across IT and OT environments. Mike Wilkes of Ammolite Security shares strategies for identifying systemic vulnerabilities, advancing cybersecurity maturity, and aligning leadership - especially in Alberta's energy, manufacturing, and critical infrastructure sectors.

Strengthen Your Defenses:

Cybersecurity Assessments for Oil & Gas and Critical Sectors

In today's digital landscape, cyber threats target more than data, they disrupt operations, compromise safety, and impact the bottom line. According to the FBI, ransomware attacks on U.S. critical infrastructure surged by 9% in 2024, highlighting the increasing urgency for proactive cybersecurity measures.

Read more on Reuters.

Ammolite Security's comprehensive cybersecurity assessments help organizations across industries, including the Oil & Gas, Energy, and Critical Infrastructure sectors, identify vulnerabilities, strengthen defenses and ensure compliance with evolving security standards.

Our expert team takes a proactive approach, evaluate your IT and OT systems, assess third-party risks, and review incident response readiness to keep your business resilient against cyberattacks. Don't wait for a breach to expose weaknesses - take control now and secure your most valuable assets.

Countries Shore Up Their Digital Defenses as Global Tensions Raise the Threat of Cyberwarfare

Countries around the world are preparing for greater digital conflict as increasing global tensions and a looming trade war have raised the stakes.

Fast Flux: A National Security Threat

Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection.

Lantronix Device Used in Critical Infrastructure Exposes Systems to Remote Hacking

Lantronix’s XPort device is affected by a critical vulnerability that can be used for takeover and disruption, including in the energy sector.

Gain clarity on today’s top cybersecurity challenges. Our upcoming events deliver the knowledge and tools your organization needs to respond with confidence.

Webinar: The Power and Promise of AI

(April 16, 2025 - 9:00 PST / 10:00 MST / 12:00 EST)

Join Better Business Bureau of Canada for a dynamic discussion on how generative AI, large language models, and multimodal AI are reshaping business operations. Featuring Mike Wilkes, Senior Security Advisor at Ammolite Security, this session offers strategic insight - no technical background required.

Webinar: Supply Chain Security in the Age of AI and OT

(May 9th, 2025) - 12:00 PST / 1:00 MST / 3:00 EST)

Hosted by the Alberta IoT Association, this session explores how AI-powered monitoring is transforming third-party risk management across IT and OT environments. Mike Wilkes of Ammolite Security shares strategies for identifying systemic vulnerabilities, advancing cybersecurity maturity, and aligning leadership - especially in Alberta’s energy, manufacturing, and critical infrastructure sectors.

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on April 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

Port of Seattle Says Ransomware Breach Impacts 90,000 People

Port of Seattle, the U.S. government agency overseeing Seattle’s seaport and airport, is notifying roughly 90,000 individuals of a data breach after their personal information was stolen in an August 2024 ransomware attack.

Corporate Training Course: Cybersecurity Oversight for Boards

Cyber threats have become a boardroom priority, and as a director, trustee, or executive, you play a key role in overseeing cybersecurity, ensuring compliance, and mitigating risks that threaten finances, reputation, and legal standing. 

The evolving landscape of cybersecurity regulations demands that defense subcontractors meet the rigorous standards of the Cybersecurity Maturity Model Certification (CMMC) and the Canadian Program for Cyber Security Certification (CPCSC). These frameworks safeguard sensitive information, strengthen supply chain security, and enhance national defense resilience.

Achieving compliance requires more than technical solutions; it involves a comprehensive approach to assessing current practices, addressing gaps, and ensuring readiness for certification. Understanding where your organization stands today is essential for protecting data and long-term contract viability.

If you’re ready to take the next step in your compliance journey, we’re here to help with expert insights and tailored strategies.

Dark Storm Claims Responsibility for Attack on Elon Musk’s X

Elon Musk has blamed a ‘massive cyberattack’ for widespread X outages experienced by tens of thousands of users globally.

China’s Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days

Dragos case study reveals that Volt Typhoon hacked US electric grid and stole information on OT systems.

Government of Canada Announces First Phase of Canadian Program for Cyber Security Certification

The Government of Canada is committed to implementing robust cyber security measures, which are fundamental to Canada’s economic stability and national security.

Corporate Training Course: Artifical Intelligence for Cyber Defense

Transform your cybersecurity skills with our 12-week Artificial Intelligence for Cyber Defense course. This 360-hour program blends hands-on training, real-world case studies, and peer learning, preparing you to combat advanced cyber threats using AI. Earn certifications like Certified Ethical Hacker, CompTIA Security+, and ISACA, while gaining practical experience through labs and work placements.

In today’s rapidly evolving threat landscape, cyber incidents can disrupt operations, compromise critical systems, and result in costly downtime. Ammolite Security’s expert-led tabletop exercises help organizations across industries — including oil and gas, energy, and critical infrastructure — identify vulnerabilities, test response protocols, and strengthen overall resilience.

Our experienced team delivers industry-specific threat scenarios, an objective perspective, and actionable recommendations tailored to your organization’s unique risk landscape. These interactive sessions empower your team to respond effectively and protect critical assets from emerging cyber threats.

Russian Seashell Blizzard Hackers Have Access to Critical Infrastructure: Microsoft

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.

MGM Agrees To Pay $45 Million To Victims of 2019 Data Breach and 2023 Ransomware Attack

MGM Resorts International agreed to pay $45 million to settle multiple class action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023.

Canadian Companies Struggle to Defend Against Data Breaches as Incidents Mount

Despite the rising frequency of data breaches, many Canadian businesses remain unprepared, with the cost of attacks escalating as cybercriminals evolve their tactics.

Corporate Training Course: Cybersecurity Oversight for Boards

Cyber threats are a boardroom priority. As a director, trustee, or executive, you play a key role in overseeing cybersecurity, ensuring compliance, and mitigating risks that threaten finances, reputation, and legal standing.

Ammolite Security’s Cybersecurity Oversight for Boards training equips you with the knowledge and skills to confidently navigate cyber risk governance, make strategic security decisions, and protect your organization’s future.

In today’s digital landscape, cyber threats target more than data - they disrupt operations, compromise safety, and impact the bottom line. Ammolite Security’s comprehensive cybersecurity assessments help organizations across industries, including Oil & Gas, Energy, and Critical Infrastructure, identify vulnerabilities, strengthen defenses, and ensure compliance with evolving security standards.

Our expert team takes a proactive approach, evaluating IT and OT systems, third-party risks, and incident response readiness to keep your business resilient against cyberattacks. Don’t wait for a breach to expose weaknesses - take control today and protect your most valuable assets.

Hacker Claims 20 Million OpenAI Logins Taken

An anonymous Russian-speaking hacker is claiming to have stolen the login credentials of 20 million OpenAI users and is offering the data for sale on the dark web.

U.S Lawmakers Push to Ban DeepSeek from Government Devices

The United States is taking a firm stance against potential cybersecurity threats from artificial intelligence (AI) applications with direct ties to foreign adversaries.

U.S Community Health Center Hacked - 1 Million Patients Data Stolen

Community Health Center, a Connecticut-based federally qualified health center, has disclosed a data breach following a criminal cyberattack on its systems.

Corporate Training Course: Cybersecurity Professional Fast Track

The cybersecurity industry is growing rapidly, and the demand for skilled professionals has never been higher. Ammolite Security’s Cybersecurity Professional Fast Track course equips you with the essential skills, hands-on experience, and globally recognized certifications needed to secure high-paying, entry-level positions in this critical field. Over 8 weeks, you’ll gain real-world training, resume support, and career coaching - ensuring you’re ready to step into the workforce with confidence.

Strengthen your organization’s defenses with expert-led tabletop exercises from Ammolite Security. These interactive sessions simulate real-world cybersecurity incidents to help your team identify vulnerabilities, test response protocols, and improve resilience.

When we recently facilitated a tabletop exercise for CyberAlberta members, participants highlighted its value in refining their preparedness and strengthening their incident response strategies. Our experienced team brings an objective perspective, realistic threat scenarios, and actionable recommendations that align with your organization’s unique risk landscape.

Take a proactive step towards safeguarding your critical assets.

Cyberattack Against Alberta Innovates Sparks Investigation

An Alberta Crown corporation says it recently experienced “network issues” after it was the target of a cyberattack.

Bill-C26: A New Chapter in Canadian Cybersecurity

A new era of cybersecurity has begun for federally regulated organizations.

Telcos Removing Huawei Equipment Left in Lurch After Trudeau Kills Cyber Bill

Prorogation killed Bill C-26, the law that would’ve forced companies to tear the gear out.

Corporate Training Course: Foundations of Cybersecurity Webinar Series

Take proactive steps to protect your business from cyber threats. This 15-session series, designed for manager and non-technical leaders, offers practice insights into cybersecurity fundamentals, risk management, and emerging threats. Led by top industry experts, each session combines engaging lectures with hands-on activities to equip you with actionable knowledge.

New regulations for CMMC and CPCSC are here, and compliance is no longer optional for defense subcontractors. Ammolite Security provides expert guidance and tailored solutions to help you meet these critical cybersecurity standards. With impending deadlines and heightened requirements, now is the time to act. Protect your contracts, secure sensitive data, and position your business for success in the defense sector with our comprehensive certification support.

‘Major Incident’: China-backed Hackers Breached US Treasury Workstations

The US Treasury Department notified lawmakers that a China state-sponsored actor infiltrated Treasury workstations in what officials are describing as a ‘major incident.”

Critical Infrastructure Ransomware Attack Tracker Reaches 2,000 Incidents

Temple University’s Critical Infrastructure Ransomware Attacks (CIRA) database now contains over 2,000 entries.

Dental Group Lied Through Teeth About Data Breach, Fined $350,000

A US Chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an “accidentally formatted hard drive.”

Corporate Training Course: Cybersecurity Oversight for Boards

Designed for board members and senior executives, this high-impact training equips you to understand, manage, and mitigate cyber risks, ensuring compliance and resilience in today’s digital landscape.