Which NIST Standard Is Most Important for Small Businesses?
by Andrew Paull on July 19, 2024 at 2:53 PM
Navigating the complexities of cybersecurity can be challenging for small businesses, but the National Institute of Standards and Technology (NIST) offers robust frameworks to help. This blog analyzes the various NIST initiatives and guidelines designed to enhance cybersecurity for sm …
NIST Cybersecurity Framework 2.0 – Key Takeaways
by Derek Boczenowski on March 7, 2024 at 1:30 PM
Last week, the National Institute of Standards and Technology (NIST) unveiled the second version of its Cybersecurity Framework (CSF), marking the first major new updates to NIST CSF since the framework's inception ten years ago. Initiated by Executive Order 13636, the development of …
Transitioning to CMMC 2.0 – The Five Stages of Grief
by Derek Boczenowski on November 10, 2021 at 2:46 PM
Late last week, the Pentagon put out a memo that stuck a knife in the heart of CMMC 1.0, to replace it with the new and shiny CMMC 2.0! CMMC is dead, long live CMMC!
An Introduction to CMMC Compliance
by Kyle Daun on September 30, 2021 at 1:00 PM
On January 31st, 2020, the Department of Defense (DoD) announced the release of the Cybersecurity Maturity Model Certification (CMMC), a framework aimed at assessing and enhancing the cybersecurity posture of the Defense Industrial Base (DIB), as it relates to Controlled Unclassified …
Stop Running from Privacy! Use the NIST Privacy Framework
by Jerry Hughes on February 19, 2020 at 1:00 PM
Take a look at your recent SOC 2 Type ll Service Organization Audit, where there are five Trust Service Criteria (Security, Confidentiality, Processing Integrity, Availability, and Privacy). How about your last Health Insurance Portability and Accountability Act (HIPPA) Audit, where t …
The NIST Cybersecurity Framework – The Recover Function
by Kyle Daun on July 19, 2018 at 10:30 AM
You made it! The hard work and determination to protect your organizational assets has paid off. You were able Respond to the cybersecurity event and mitigate the long-lasting damages that the cybercriminals tried to employ on you. Now that the event is contained and eradicated, recov …