Call +1 (888) 896-7580 for Proactive Cyber Security© Services and Solutions

Latest Content ...

In 2023, the American Institute of CPAs (AICPA) launched a revision of its SOC 2 standard. This revision focused specifically on security issues and emphasized “points of focus” to boost SOC 2 audits’ ability to address modern security threats.  

Continue Reading

While typically not mandatory outside financial sectors, SOC 2 is a reliable security compliance model that any organization can follow. This can be seen in its security assessments, which include a robust list of “Common Criteria,” or broad areas of focus that any secure organization should follow. The recent revision of these criteria in 2023… Read More

Continue Reading

In December 2023, the Department of Defense announced its new Proposed Rules for CMMC. This release comes two years after their initial proposal for CMMC 2.0 as a framework.  Many of CMMC’s expected requirements are coming to pass, and the DoD is looking to finalize and aggressively roll out the program over the next three… Read More

Continue Reading

The ongoing rise of state-sponsored Advanced Persistent Threats (APTs) has increased scrutiny of federal and state IT systems security systems. The latest version of CMMC includes a high-maturity level specifically designed to address these threats, which relies primarily on advanced security controls listed in NIST Special Publication 800-172.   

Continue Reading

The complex relationships between government agencies, third-party vendors, and managed service providers form a challenging web of connections that comprise the DoD digital supply chain. Both NIST 800-171 and CMMC address these at various points, expecting providers to adhere to complex security requirements. These requirements can become so complex that they may turn to Managed… Read More

Continue Reading

As organizations move up the CMMC maturity model, they do so for one reason: to prepare themselves better to protect against Advanced Persistent Threats (APTs). These threats are a significant problem in the defense supply chain, and as such, CMMC leans heavily on NIST 800-171 and 800-172 to address them.  This article introduces how these… Read More

Continue Reading

We’ve regularly written about maintaining security and compliance with third-party vendors. While vendors and managed service providers are a crucial part of digital economies, it’s up to the client businesses to ensure they work with vendors that meet their needs.  Following previous discussions of third-party vendor security under standards like SOC 2 and HIPAA, we’re… Read More

Continue Reading

The existence of quantum computers on the horizon has shaken the cryptography world, and researchers and scientists have received a massive response to build feasible Post-Quantum Cryptography (PCQ). Recently, Apple has taken an enormous step forward by announcing their own PCQ systems, PQ3, in Apple devices.  Learn more about PCQ and Apple’s announcement and the… Read More

Continue Reading

An emergency vulnerability has emerged in Ivanti products and appliances, and it has sent many service providers, especially those in the federal space, in a rush to close their gaps and respond as best they can. This article covers the incident, the government’s response, and what it means for service providers.  

Continue Reading

As the recent Ivanti security breaches indicate, the existence of a strong and effective incident response isn’t an option but a necessity. An incident response plan (IRP) is essential to prepare an organization to respond to any security incident effectively and on time. This plan spells out processes that an organization should undergo in case… Read More

Continue Reading

New data security regulations include, or foreground, the role of data privacy in compliance. Many of these, like GDPR and CCPA, make data privacy a primary concern and expect businesses to meet stringent requirements about protecting the integrity of consumers’ Personally Identifiable Data (PII). One practice stemming from GDPR requirements is the Data Privacy Impact… Read More

Continue Reading

The protection of consumer information is one of the major concerns of the businesses involved in nearly any sector of the economy, particularly financial institutions. The Federal Trade Commission (FTC) Safeguards Rule is a critical requirement for these organizations. It provides specific requirements for certain financial institutions, including a plan for ensuring compliance with the… Read More

Continue Reading
View Updates

Call +1 (888) 896-7580 for Proactive Cyber Security© Services and Solutions!

Get Proactive Today!
Click to access the login or register cheese