By:
Marci Womack
November 9th, 2023
Back in August 2022—while rulemaking for the Cybersecurity Maturity Model Certification (CMMC) was ongoing (as it still is)—the Joint Surveillance Program (JSP) was sanctioned by the DoD and CyberAB as an interim step in the CMMC program that allowed organizations to pursue a formal DIBCAC High (NIST 800-171) assessment.
HITRUST | Healthcare Assessments
By:
Jerrad Bartczak
November 7th, 2023
To accommodate the ever-evolving cybersecurity threat landscape, HITRUST has released HITRUST CSF v11.2.0, updating its framework to include more pertinent concepts—one of the most notable additions is artificial intelligence (AI) risk management content.
ISO Certifications | ISO 42001
By:
DANNY MANIMBO
November 3rd, 2023
The regulation and responsible use of artificial intelligence (AI) has been a hot topic of 2023, prompting the release of NIST’s AI Risk Management Framework to help organizations secure this emerging tech. More standards are on the way that will address the need to implement safeguards addressing the security, safety, privacy, fairness, transparency, and data quality of AI systems throughout their life cycle—including ISO/IEC 42001.
Payment Card Assessments | PCI SSF
By:
Sully Perella
November 2nd, 2023
Comprised of both the PCI Secure Software Lifecycle (Secure SLC) Standard and PCI Secure Software Standard, the PCI Software Security Framework (SSF) is intended to help secure the design, development, and maintenance of software in payment environments. And while secure coding can be difficult, taking a conceptual approach to software development may make it—and PCI SSF compliance—a little easier.
HIPAA | Healthcare Assessments
By:
Schellman
October 31st, 2023
If you’re in healthcare, you likely already know that maintaining HIPAA compliance requires a very thorough risk assessment. What you may not know is that HIPAA risk assessments are also an aspect of the law that is too often overlooked.
By:
AVANI DESAI
October 30th, 2023
President Biden has issued a groundbreaking Executive Order to steer America toward leadership in harnessing the potential of artificial intelligence (AI) while managing its associated risks.
Payment Card Assessments | PCI DSS v4.0
By:
MATT CRANE
October 26th, 2023
To address some of the past confusion regarding the dating of PCI reports, the PCI Security Standards Council (SSC) has altered the report date methodology for PCI DSS v4.0 to provide more clarity and consistency to this process.
By:
Schellman
October 24th, 2023
The Cybersecurity Maturity Model Certification (CMMC) is a new framework that aims to better secure federal contract information (FCI) and controlled unclassified information (CUI) that is stored, processed, or transmitted by defense contractors and the entire defense industrial base (DIB).