UPCOMING IN-PERSON EVENTS: The Schellman team will be around the country at events the week of June 5th
The Schellman Blog
Stay up to date with the latest compliance news from the Schellman blog.
Stephane Nappo once said, “it takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.”
Federal | NIST | NIST SP 800-Series
When it comes to IKEA, we’d all probably agree that the Swedes make some great flat pack furniture that can either upgrade your space or just do in a pinch.
Cybersecurity | NIST | Zero Trust
Background First coined in 1994 by Stephen Marsh in his doctoral thesis, Formalising Trust as a Computational Concept, the term Zero Trust was later popularized by a Gartner research analyst. Some years later in 2011, when Google announced its internal implementation of Zero Trust architecture, the concept helped spark a new, wide-spread interest in the technology and security communities. In response to this increased public interest, the National Institute of Standards and Technology (NIST), in coordination with the National Cybersecurity Center of Excellence (NCCoE), developed a special publication (SP 800-207) on Zero Trust architecture and have since published additional information on implementation practices.
HIPAA | Cybersecurity | NIST
In January of 2021, the Department of Health and Human Services issued an amendment to the Health Information Technology for Economic Clinical Health (HITECH) Act regarding certain security practices of covered entities and business associates. They define adequate security practices as “standards, guidelines, best practices, methodologies, procedures, and processes developed under section 2(c)(15) of the National Institute of Standards and Technology Act, the approaches promulgated under section 405(d) of the Cybersecurity Act of 2015, and other programs and processes that address cybersecurity and that are developed, recognized, or promulgated through regulations under other statutory authorities.”
Cybersecurity | Federal | NIST
The 2018 National Institute of Standards and Technology (NIST) Cyber Security Framework is an updated version of the first version published in 2014. Notably, the two versions of the framework have some similarities as well as differences. Generally, the NIST CSF was designed for organizations as well as other private institutions to manage risks and threats emanating from cyber security. Both the 2018 and 2014 versions have five major processes, which include: identify, protect, detect, respond and recover.