Artificial Intelligence | ISO 42001
By:
Danny Manimbo
August 18th, 2025
As the need for innovative artificial intelligence grows, regulatory bodies are working quickly to create frameworks that balance acceleration with safety, accountability, and trust. Notably, the European Union’s AI Act is poised to reshape how organizations approach AI governance, especially when it comes to general-purpose AI (GPAI) models.
Cybersecurity Assessments | Federal Assessments
By:
Douglas Barbin
August 13th, 2025
This signals document reviews the current state of software security initiatives in the federal government and the Department of Defense (DoD), highlighting key programs and policies aimed at enhancing cybersecurity. This includes the recent Executive Order 14306 (signed on June 6th), the DoD’s new Software Fast Track (SWFT), and SSDF and associated CISA attestations under the Biden Administration, part of which were rescinded via Executive Order 14144.
Artificial Intelligence | ISO 42001
By:
Danny Manimbo
August 11th, 2025
The global push to both regulate and strategically accelerate the development of artificial intelligence (AI) has gained momentum over the past year, resulting in a diverse landscape of evolving frameworks, policies, and executive directives. In the United States, this dual focus on oversight and innovation has translated into a series of executive orders and formal federal AI governance initiatives.
By:
Matt Hungate
August 7th, 2025
The FedRAMP 20x pilot marks the most significant shift in federal cloud security in over a decade. Launched in May 2025, the program aims to modernize the authorization process by emphasizing speed, automation, and real-time security validation. For organizations pursuing Low Baseline authorization, the 20x path offers a faster, more efficient entry point into the federal market.
SOC Examinations | Artificial Intelligence | SOC 2
By:
Avani Desai
August 4th, 2025
Have you read the recently released America’s AI Action Plan yet? If so, you know that it’s full of ambitious goals to strengthen the country’s leadership in artificial intelligence. For me, one part in particular stood out immediately, the White House issued a clear call to action to the data center industry.
FedRAMP | Federal Assessments | CMMC
By:
Tim Walsh
July 28th, 2025
Organizations seeking to work with the US government today must navigate a growing array of compliance requirements. Among the most prominent security frameworks are the Cybersecurity Maturity Model Certification (CMMC) and Federal Risk and Authorization Management Program (FedRAMP), each playing a critical role in securing federal information and systems.
Cybersecurity Assessments | Compliance and Certification
By:
Kate Weber
July 23rd, 2025
As the EU's digital landscape evolves, so does its regulatory environment. With the NIS2 Directive, the Cyber Resilience Act (CRA), and the Digital Operational Resilience Act (DORA) all advancing on different timelines, organizations must prepare for a complex yet increasingly harmonized set of cybersecurity and resilience expectations.
Compliance and Certification | Federal Assessments | Audit Readiness
By:
Andrew Daniel
July 22nd, 2025
The National Security Division (NSD) of the U.S. Department of Justice (DOJ) issued a Final Rule announcing a new Data Security Program (DSP) under Executive Order 14117: Preventing Access To Americans' Bulk Sensitive Personal Data And United States Government-Related Data By Countries Of Concern. Focused on protecting “covered data” transactions, the goal of the DOJ’s Final Rule is clear—prevent access to U.S government-related data and Americans’ sensitive personal data from: