DFARS Interim Rule – Need to Act NOW

What Is DFARS Interim Rule?

DFARS is a set of legal requirements demanding that all Department of Defense (DoD) contractors meet predefined cyber security standards. In September 2020, the DoD released the DFARS Interim Rule that took effect on November 30, 2020. The new interim rule introduced three additional clauses to DFARS: 7019, 7020, and…

Warning – Assessors should NOT be Assessing Themselves

A lot of businesses today rely upon cloud-based systems to operate. These include the use of cloud-based storage, online marketing systems, digital media, social media marketing, and so on. But as reports of data breaches and security threats continue to increase, clients and customers need some extra reassurance that the company they are doing business…

Know About the DFARS Interim Rule 11/30/20 Deadline re: CMMC Compliance?

SUMMARY: DoD is issuing an interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DoD Assessment Methodology and Cybersecurity Maturity Model Certification (CMMC) framework in order to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DoD supply chain.

DATES: Effective November 30, 2020.…

Data Security Compliance Risk Without Compliant Vendors?

How to Ensure Vendor Compliance

Data security compliance regulations are designed to help companies ensure the integrity, security and availability of the sensitive data they handle. Organizations must comply with these rules and guidelines to protect their systems and data from security breaches and other types of risks. With the tremendous amount of data handled and…

What is FedRAMP?

FedRAMP stands for Federal Risk and Authorization Management Program. It is:

Designed to make sure that cloud services used by the government and other entities are secure, safe, and reliable

Mandatory for all organizations that provide cloud services to government entities

A uniform program that deals with security assessment, authorization, and observation for entities dealing…

Review of NIST 800-171

NIST 800-171—All You Need to Know

In this day and age, information is king. This means that data handling and recordkeeping are critical processes that help businesses build and maintain the trust and confidence of their vendors, contractors, partners, and customers. Of course, when the federal government gets involved in any way, cybersecurity for the protection…

Obtaining NIST 800-171 Compliance

Achieving NIST 800-171 Compliance

For organizations handling controlled unclassified information (CUI), ensuring data protection is paramount as this data can be a target for serious, sophisticated cyberattacks. In fact, past and current orchestrated attacks on programs and assets containing CUI have prompted the Department of Defense (DoD) to work with and get the assistance of…

Cybersecurity Auditing – Work with the RIGHT Auditor

Why a Focus on Cybersecurity is Critical?

Cybersecurity Auditing, data breaches, and other digital era dangers show up in headlines every day. The even more sobering reality is that most of these events never become public knowledge. In other words, we only hear about a small percentage of the incidents. Just within the past few…

Intro to the California Consumer Privacy Act (CCPA)

CCPA Compliance for Businesses

The California Consumer Privacy Act (CCPA) comes into effect on January 1, 2020. Its provisions are focused on the protection of consumer privacy and will affect all companies dealing with consumer data in California. Companies will be required to ensure that they have comprehensive compliance policies in place to protect both…
