Archive for the ‘Compliance’ Category

Cyber Insurance Explained

Thursday, February 22nd, 2024

What To Know About Cybersecurity Insurance The cybersecurity insurance sector is in the midst of significant transformation. Escalating premiums, shifting prerequisites, and inconsistent standards within the industry present formidable hurdles for organizations seeking coverage. Now is a critical moment for these organizations to gain insight into the evolving landscape of cyber insurance and ascertain the […]

Unlocking the Power of Vendor Security Questionnaires or VSQs: A Comprehensive Guide

Tuesday, November 28th, 2023

In today’s interconnected world, businesses often rely on an extensive network of vendors and third-party service providers to meet various operational needs. While outsourcing offers many advantages, it also exposes organizations to significant security risks. Vendor security questionnaires have emerged as a crucial tool for assessing and managing these risks effectively. In this comprehensive guide, […]

Google Cloud Penetration Testing

Monday, August 21st, 2023

Securing Your Cloud Infrastructure Google Cloud Penetration Testing: In today’s rapidly digitizing world, cloud environments have become essential to businesses of all sizes. With a massive surge in cloud adoption, ensuring security in these virtual environments is paramount. Google Cloud Platform (GCP) is a leading provider of cloud services, and penetration testing or “pen testing” […]

Building Digital Trust: The Identification and Authentication Pillars of NIST 800-171

Tuesday, August 15th, 2023

Introduction In today’s intricate digital ecosystem, one of the primary challenges is to ensure that the right individuals access the right resources, at the right time. Any lapse can lead to unauthorized access, data breaches, or system compromise. Addressing this challenge head-on is the Identification and Authentication family within the NIST (National Institute of Standards […]

NIST 800-171’s Configuration Management Family: Ensuring Stability Amidst Complexity

Tuesday, August 15th, 2023

Introduction In the sprawling world of cybersecurity, there’s a need to bring order to potential chaos. As systems and networks expand and diversify, so does their vulnerability to breaches. To navigate this complexity, a methodical approach is required, which the NIST (National Institute of Standards and Technology) Special Publication 800-171 provides. Among its components, the […]

Building Cyber Resilience: Unraveling NIST 800-171’s Awareness and Training Family

Tuesday, August 15th, 2023

Introduction In the fast-paced digital universe, as threats to data security multiply, organizations race to strengthen their defense mechanisms. Yet, while technology and infrastructures play vital roles, the human factor cannot be underestimated. Here’s where the NIST (National Institute of Standards and Technology) Special Publication 800-171 comes into focus. Designed to safeguard Controlled Unclassified Information […]

Unlocking NIST 800-171: A Deep Dive into the Access Control Family

Tuesday, August 15th, 2023

Introduction In the age of increasing digital threats and expanding data repositories, it’s no wonder that regulations and frameworks are ever-evolving to match the pace. The NIST (National Institute of Standards and Technology) Special Publication 800-171 is one such framework, designed to protect Controlled Unclassified Information (CUI) within non-federal systems and organizations. Among its core […]

NIST 800-172: Enhancing Security to Counter Advanced Cyber Threats

Tuesday, August 15th, 2023

Introduction In the rapidly evolving realm of cybersecurity, staying a step ahead of potential threats is paramount. The National Institute of Standards and Technology (NIST) plays a pivotal role in shaping cybersecurity guidelines to ensure data protection. Building on its established framework, NIST Special Publication 800-171, the institute introduced NIST 800-172, designed to enhance defense […]

Navigating the 110 NIST 800-171 Controls: Ensuring the Security of Controlled Unclassified Information

Tuesday, August 15th, 2023

Introduction The increasing importance of data security has ushered in various cybersecurity frameworks. Among the most prominent is the NIST Special Publication 800-171, which focuses on the protection of Controlled Unclassified Information (CUI) in non-federal systems. Boasting 110 controls spread across 14 families, this guideline offers a comprehensive approach to safeguarding sensitive data. A Deep […]

NIST 3.13.12: The Keystone of Use Session Protection

Tuesday, August 15th, 2023

Introduction Cybersecurity, in our digitized era, is akin to a game of chess. As the opponent evolves, so too must the defenses. Among the various guidelines and controls stipulated by the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-171, Control 3.13.12 stands out for its emphasis on session protection. This often-overlooked aspect […]

Stringent Cyber Insurance Rules 

Sunday, May 1st, 2022

Businesses of every size and in every sector are at risk from growing cyber threats—those are just the facts. With awareness of the danger growing, more and more companies are looking at ways to protect themselves when they’re hit with a malware attack or data breach (and I do mean when, not if), which is […]

Multi-Factor Authentication Now Required to Get a Cyber Insurance Policy

Thursday, March 31st, 2022

With ransomware and malware attacks getting more frequent and sophisticated year after year, more businesses are waking up to the reality that it isn’t a matter of if their company is going to be hit, but when. By 2025, global cybercrime is estimated to cost over $10.5 trillion annually, and your organization could be one […]

Neiman Marcus Data Breach 

Wednesday, November 10th, 2021

It’s not your imagination—the number of significant data breaches and cyberattacks is on the rise. Among the latest prominent victims is Dallas-based retailer Neiman Marcus, who recently notified 4.6 million customers that information associated with their online accounts may have been accessed by an unauthorized third party in May 2020. [i]  In addition to notifying customers, the […]

CCPA Compliance

Monday, August 13th, 2018

What does CCPA Compliance mean for your business? The California Consumer Privacy Act of 2018 (CCPA), a consumer privacy law that establishes guidelines on collecting personal information and post-data-acquisition usage goes into effect January 1, 2020. The new law will apply to any business that operates in California and has annual gross revenues in excess […]