Assurance / Service Audits | Audit Readiness
By: Robert Tylka
January 11th, 2024
In the dynamic world of business, where compliance is becoming more important, either as assurance requested by customers or as a key market differentiator, more and more organizations are turning to assessment firms to help them communicate these advantages. And while some will always look at compliance in the most oversimplified, checkbox manner, many customers and regulators recognize good (and poor) quality of delivery.
By: Matthew Gierl
January 9th, 2024
Like many of the other ISO standards, ISO 22301 features introductory clauses (1-3), and it also has its own fundamental clauses (4-10)—of these, clause 8 (Operation) is key to standing up the Business Continuity Management System (BCMS) and achieving ISO 22301 certification.
Cybersecurity Assessments | SchellmanLife
By: Ryan Ratty
January 4th, 2024
Though perhaps not as prominent as the widely known Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) certifications, the Certificate of Cloud Security Knowledge (CCSK) can also be helpful to cybersecurity professionals.
SchellmanLife | Audit Readiness
By: Megan Sajewski
January 2nd, 2024
Benjamin Franklin once said, “By failing to prepare, you are preparing to fail.”
By: Clint Mueller
December 28th, 2023
If you’re a penetration tester, you know that for any test or phishing campaign, you begin with setting up your infrastructure with a domain name and redirectors. You might also know that this step is straightforward, and many have created walkthroughs on different ways to architect and automate infrastructure deployments.
By: Todd Connor
December 19th, 2023
In the latest revision of documents pertinent to the ongoing CMMC countdown, NIST SP 800-171 R3 has been released. Though there were only a handful of changes in this new version, there were some significant ones regarding the assessment practices and their presentation that those monitoring the progress of CMMC should know.
By: Chris Lippert
December 14th, 2023
Since the introduction of the new Data Privacy Framework (DPF) on July 17, 2023, many have begun familiarizing themselves with its seven principles as they ready themselves to comply. However, the DPF also features 16 supplemental principles, two of which—regarding self-certification and verification—also cover particularly important topics.
Cybersecurity Assessments | Artificial Intelligence
By: Avani Desai
December 11th, 2023
After 22 grueling hours of negotiations, policymakers within the European Union (EU) have reached a provisional agreement on new rules to govern the most powerful artificial intelligence (AI) models. They’re calling it the EU AI Act, and though yes—the provisions have been hashed out—disagreements surrounding the law enforcement of said provisions have led to a recess in the negotiations.