NOTE: This blog was originally posted on February 27, 2024, when this bill was still in the proposal stage. As of March 13, 2024, the bill has been passed by both branches of the Florida legislature, and this content has been updated to reflect that progress.

When FedRAMP issued Revision 5 in May 2023, the changes included a new requirement for a red team exercise in addition to the already-mandated penetration test. Now that Rev 5 is officially being enforced as of 2024, organizations pursuing FedRAMP Authorization must get this new obligation right.

In the world of digital transactions and data security, the Payment Card Industry Data Security Standard (PCI DSS) serves as a crucial framework that ensures organizations handling payment card data maintain robust security measures. However, performing and passing PCI DSS assessments when you’ve deployed a Zero Trust Environment creates unique opportunities that challenge conventional notions of scope.

Stepping foot into Davos for the very first time was akin to entering a realm of unparalleled wonder. While getting the invitation itself had been surreal, actually walking in as a delegate of the Cyber Future Foundation felt like a dream materializing into reality.

More and more, organizations are turning a keener eye toward ESG initiatives. Though the Social Governance pillars are no less important, it’s the Environmental cornerstone of ESG that is commanding more scrutiny—more specifically, greenhouse gas (GHG) emissions.

Now that ISO 42001 has been published, organizations are looking more closely at possible adherence to this new standard for artificial intelligence (AI). But those familiar with established ISO standards will know that this new framework for regulating AI will be similarly rigorous and any opportunity to streamline certification—like a gap assessment—will be enormously advantageous.

As more aspects of society move online, digital assets—or any uniquely identifiable, discoverable thing that is stored online and used to realize value—have become increasingly prevalent, taking the form of data, cryptocurrencies, documents, credentials, and photos, among others.

Successfully managing your HIPAA risk means accounting for those introduced by your vendors that are supplementing existing business processes in different ways. Vendors can make you vulnerable in a variety of ways, which means a variety of solutions becomes necessary.