UPCOMING IN-PERSON EVENTS: The Schellman team will be around the country at events the week of June 5th

Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Federal | NIST | CMMC

By: STEPHEN HALBROOK
September 14th, 2022

Stephane Nappo once said, “it takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” 

Blog Feature

Federal | NIST | NIST SP 800-Series

By: Schellman
February 23rd, 2022

When it comes to IKEA, we’d all probably agree that the Swedes make some great flat pack furniture that can either upgrade your space or just do in a pinch.

Blog Feature

Cybersecurity | NIST | Zero Trust

By: BRYAN HARPER
June 30th, 2021

Background First coined in 1994 by Stephen Marsh in his doctoral thesis, Formalising Trust as a Computational Concept, the term Zero Trust was later popularized by a Gartner research analyst. Some years later in 2011, when Google announced its internal implementation of Zero Trust architecture, the concept helped spark a new, wide-spread interest in the technology and security communities. In response to this increased public interest, the National Institute of Standards and Technology (NIST), in coordination with the National Cybersecurity Center of Excellence (NCCoE), developed a special publication (SP 800-207) on Zero Trust architecture and have since published additional information on implementation practices.

Blog Feature

HIPAA | Cybersecurity | NIST

By: DEBBIE ZALLER
June 10th, 2021

In January of 2021, the Department of Health and Human Services issued an amendment to the Health Information Technology for Economic Clinical Health (HITECH) Act regarding certain security practices of covered entities and business associates. They define adequate security practices as “standards, guidelines, best practices, methodologies, procedures, and processes developed under section 2(c)(15) of the National Institute of Standards and Technology Act, the approaches promulgated under section 405(d) of the Cybersecurity Act of 2015, and other programs and processes that address cybersecurity and that are developed, recognized, or promulgated through regulations under other statutory authorities.”

Blog Feature

Cybersecurity | Federal | NIST

By: JAI CHANDARANA
October 31st, 2018

The 2018 National Institute of Standards and Technology (NIST) Cyber Security Framework is an updated version of the first version published in 2014. Notably, the two versions of the framework have some similarities as well as differences. Generally, the NIST CSF was designed for organizations as well as other private institutions to manage risks and threats emanating from cyber security. Both the 2018 and 2014 versions have five major processes, which include: identify, protect, detect, respond and recover.