With the introduction of the Cybersecurity Maturity Model Certification (CMMC) program, contractors working with the U.S. Department of Defense (DoD) will be required to meet a certain level of cybersecurity maturity that ensures the protection of the sensitive information and data involved, specifically controlled unclassified information (CUI) and federal contract information (FCI).
With over two decades of HIPAA history behind us, more than a decade of mandatory compliance and federal compliance enforcement, and a shortage of resources to help hospitals achieve compliance, the healthcare industry is still plagued by non-compliance issues every year—particularly regarding risk and access management.
If you’re in healthcare, you likely already know that maintaining HIPAA compliance requires a very thorough risk assessment. What you may not know is that HIPAA risk assessments are also an aspect of the law that is too often overlooked.
The Cybersecurity Maturity Model Certification (CMMC) is a new framework that aims to better secure federal contract information (FCI) and controlled unclassified information (CUI) that is stored, processed, or transmitted by defense contractors and the entire defense industrial base (DIB).
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to protect cardholder data. One of the key (and almost always applicable) requirements of PCI DSS is that organizations must perform internal and external penetration testing for the entire scoped environment—this not only applies to systems that store, process, or transmit cardholder data, but also those that can impact the security of cardholder data.
If you’ve ever owned a home in a neighborhood that has a homeowners association, you likely know that you have to pay those fees to avoid a lien being placed on your property, which could complicate your life in annoying ways. But on the flip side, paying those fees should mean you also reap the benefits like landscaping, community pool management, security, or maintenance.
Now that artificial intelligence (AI) has more fully engrained itself into the digital world and economy, it makes sense that the American Institute of Certified Public Accountants (AICPA)—as the organization that sets the most recognized auditing standards in the U.S.—would have an opinion on AI use, particularly in terms of the possibility of related SOC-compliance issues.