Sharing our expertise with you…

Risk Management Program? It's Easy If You Do It Correctly
Compliance, Controls, Cybersecurity, Risk Management, information Security Stella Bridges Compliance, Controls, Cybersecurity, Risk Management, information Security Stella Bridges

Risk Management Program? It's Easy If You Do It Correctly

Risk can severely impact your ability to operate or grow the organization. Whether it’s implementing a new technology, managing business operations, or ensuring ongoing compliance - risk is in everything we do. Yet, very few organization have an effective Risk Management Program (RMP).

Read More
New CISO means new security strategy ...but should it?
Compliance, Controls, Cybersecurity, Information Security, Risk Management Stella Bridges Compliance, Controls, Cybersecurity, Information Security, Risk Management Stella Bridges

New CISO means new security strategy ...but should it?

During a recent discussion with a CEO of a Health System, he mentioned he had lost faith in his leadership and security team because the cybersecurity strategy keeps changing. “Every time there is a change in leadership, the cybersecurity strategy changes.”

Read More
What is DFARS Compliance (NIST 800-171) and how does it compare to NIST 800-53?
Compliance, Cybersecurity, Information Security, Government, Federal Stella Bridges Compliance, Cybersecurity, Information Security, Government, Federal Stella Bridges

What is DFARS Compliance (NIST 800-171) and how does it compare to NIST 800-53?

NIST SP 800-171 and NIST SP 800-53, both provide a set of security requirements for protection of information and systems used by the government. The purpose and applicability of the security requirements depends on; 1)    the information to be protected (controlled unclassified information (CUI) vs. classified information) and 2)    the kind of system on which the information is processed, stored, or transmitted (Nonfederal information system vs. federal information system.

Read More