What It Means for the Present & the Future

Make pen testing easier while delivering a better report to your client. For testers in the application security (AppSec) arena, you know that we examine a lot of different areas, including authentication, authorization, encryption, logging, and so on, making for what’s become a staple in this job—the large lists of technical checks that grow even longer every time new issues are discovered and then added for testing. If you’ve worked in AppSec, you know that these tests can make for quite the effort, depending on the complexity of the app you’re working in.

We all know that cybercriminals are now a thing.

Schellman becomes the first compliance services firm authorized by the CMMC AB and the 5th C3PAO Overall October 19, 2021 (Tampa, FL) – Schellman is pleased to announce that we are now an authorized Cybersecurity Maturity Model Certification (CMMC) Third Party Assessment Organization (C3PAO). Overseen by the Department of Defense (DoD) alongside the CMMC Accreditation Body (CMMC AB), the CMMC program is designed to enforce consistent cybersecurity practices across the hundreds of thousands of defense contractors that participate in and make up the Defense Industrial Base (DIB). A group that now includes Schellman, C3PAOs are the independent assessment organizations that work alongside advisory and training providers to improve cybersecurity practices and protect the sensitive information maintained by the DIB participants.

As a Third Party Assessment Organization (3PAO), Schellman has been performing FedRAMP security assessments for Cloud Service Providers (CSPs) since 2014. During this time, we have seen our CSP clients pioneer technologies that provide federal agencies an opportunity to leverage new and innovative cloud services, all while modernizing their approach to building, deploying, and managing applications through containerization. Though this gradual shift to containerizing system components has increased CSPs’ operational efficiency and scale, it has also introduced new security risks to FedRAMP systems.

Every year, millions of people donate to nonprofit organizations with the hope of making a positive impact in their local and greater communities. These statistics speak for themselves:

Chris Smith from Schellman & Company, LLC Selected to Attend AICPA’s 2021 Leadership Academy Tampa, FL – August 3, 2021 – Schellman & Company, LLC, a leading provider of attestation and compliance services, is proud to announce that Chris Smith, CPA, CISSP, CISA, CIPP/US, ISO 27001 LA is one of only 30 CPAs to be honored by the American Institute of CPAs (AICPA) with a place as part of the Leadership Academy’s 13th graduating class. Chris was selected based on his exceptional leadership skills and professional experience for the four-day Leadership Academy program, which will take place virtually October 25-28, 2021.

These days, you can never have too many cybersecurity measures in place, particularly given how regularly threats continue to escalate and grow in sophistication. Now, many organizations are turning to, or considering adopting, Zero Trust (ZT)—a less traditional security model based on the principle of "never trust, always verify.”