.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
CJIS Security Policy v6.0: Key Changes & What They Mean
by Kelly O’Brien on February 10, 2025 at 2:15 PM
%20Security%20Policy%20v6.jpg)
The Criminal Justice Information Services (CJIS) Security Policy v6.0, released on December 27, 2024, introduces significant modernization efforts aimed at enhancing security, compliance, and risk management in handling Criminal Justice Information (CJI). As technology and cyber threa …
DoD Cloud Impact Levels Explained: IL2, IL4, IL5 & IL6
by Jake Dwares on January 15, 2025 at 12:59 PM
The security of information is a cornerstone of the Department of Defense's (DoD) operations. To safeguard sensitive data, the DoD has developed Impact Levels (ILs), a framework that categorizes information systems based on their sensitivity and the potential impact of a compromise. T …
New CJIS Requirements: What You Need to Know
by Kelly O’Brien on March 20, 2024 at 2:45 PM
In a recent Compass IT Compliance blog, we delved into the fundamentals of the Criminal Justice Information Services (CJIS) Security Policy (CSP), its applicability, and the criticality of CJIS Compliance, terminology, and the thirteen policy areas applicable at the time of that writi …
NIST Cybersecurity Framework 2.0 – Key Takeaways
by Derek Boczenowski on March 7, 2024 at 1:30 PM
Last week, the National Institute of Standards and Technology (NIST) unveiled the second version of its Cybersecurity Framework (CSF), marking the first major new updates to NIST CSF since the framework's inception ten years ago. Initiated by Executive Order 13636, the development of …
The SEC Cybersecurity Rules Are Now Effective – What You Need to Know
by William DePalma on January 24, 2024 at 1:00 PM
During the final week of July 2023, the U.S. Securities and Exchange Commission (SEC) unveiled new regulations focused on the reporting of cybersecurity events. This development coincides with a period marked by unprecedented levels of cyberattacks and their associated financial reper …
Businesses Can Learn From the Classified Pentagon Leak
by Jake Dwares on April 14, 2023 at 4:30 PM
.jpg)
On April 14th, 2023, 21-year-old Massachusetts Air National Guardsman Jack Teixeira appeared in federal court, accused of leaking classified documents in a Discord group titled “Thug Shaker Central”. Facing charges under the 1917 Espionage Act, Jack is looking at potential decades in …