The Cybersecurity Maturity Model Certification (CMMC) was formally made part of the Defense Federal Acquisition Regulation Supplement (DFARS) in January 2020. The decision sent over 300,000 members of the defense industrial base (DIB), mostly small and midsize businesses (SMBs), into a state of frenzy. Most found themselves drowning in all the unnecessary noise surrounding CMMCContinue reading “The Interim DFARS Rule and What It Means for You”
Tag Archives: Compliance
Getting Ready for New CMMC Requirements Now
Right off the bat, we’re here to tell you that anyone promising you a sure-shot solution to all your CMMC woes is trying to pull a fast one on you. The Cybersecurity Maturity Model Certification (CMMC) is a comprehensive move by the U.S. Department of Defense (DoD) that involves a lot of moving parts thatContinue reading “Getting Ready for New CMMC Requirements Now”
Regulations & Reputations: How Compliant Is Your Supply Chain?
With both technology and tech-related threats evolving faster than ever before, supply chain risks have taken on a new meaning in today’s digital world. While traditional supply chain risk management revolved around factors such as strategy, market reality and performance risks, today it must also focus on cybersecurity controls and data breach risk mitigation. AsContinue reading “Regulations & Reputations: How Compliant Is Your Supply Chain?”
Regulations and Standards Governing Your Supply Chain Management Obligations
Irrespective of the size of your supply chain, you must ensure that it isn’t the reason your business is non-compliant with the necessary regulations and standards. Yes, it involves a great deal of continued effort, but it’s worth it. If your business is found to be non-compliant due to compliance risks thriving within yourContinue reading “Regulations and Standards Governing Your Supply Chain Management Obligations”
Insider Threats: Spotting Common Indicators and Warning Signs
Data protection regulations require your business to assess all possible threats to the sensitive data your business stores or manages. While most businesses tend to focus most of their attention on external threats, they often overlook insider threats that exist right under their collective noses. Although the market is flooded with cybersecurity solutions that promiseContinue reading “Insider Threats: Spotting Common Indicators and Warning Signs”
Potential Risks That Insider Threats Pose to PII
Personally Identifiable Information (PII) refers to any information maintained by an agency that can be used to identify or trace a specific individual. In other words, it includes data points, such as social security number, date of birth, mother\’s maiden name, biometric data, tax identification number, race, religion, location data and other information, that canContinue reading “Potential Risks That Insider Threats Pose to PII”
Prioritizing Compliance Commitment Across All Work Environments
A secure and compliant work environment is what data protection regulations worldwide mandate your business to build and maintain. It must be secure enough to mitigate as many risks as possible and be compliant with every single rule/guideline listed in the regulation. The most important aspect to remember is that these regulations take intoContinue reading “Prioritizing Compliance Commitment Across All Work Environments”
Dial up Telehealth Security
The use of telehealth has been growing rapidly over the past decade. Then, the coronavirus pandemic prompted another jump in telehealth offerings. There are many advantages to digital healthcare, but securing this access to physicians and specialists is more challenging. Telehealth services offered through videoconferencing, remote monitoring, electronic consults, and wireless communications: increase connectivity betweenContinue reading “Dial up Telehealth Security”
Is Healthcare Compliance Enough?
The healthcare industry is a top target for cybercriminals. Healthcare providers hold patients’ personal and financial data. Plus, they offer a critical service and could be more likely to pay ransom to get systems back up and running. Recognizing the threat, industry regulators have instituted cybersecurity standards. Noncompliance is costly, but the real question isContinue reading “Is Healthcare Compliance Enough?”
Required Data Security Controls for Compliance
No data protection regulation anywhere in the world expects your business to have a 100 percent perfect plan for fighting cybersecurity threats. However, your business is definitely expected to install all the necessary checks and balances that make up a resilient defense. These checks and balances are referred to as data security controls or measures.Continue reading “Required Data Security Controls for Compliance”