Sharing our expertise with you…

New CISO means new security strategy ...but should it?

During a recent discussion, a CEO of a health system mentioned that he had lost faith in his leadership and security team because the cybersecurity strategy keeps changing. “Every time there is a change in leadership, the cybersecurity strategy changes.”

What is DFARS Compliance (NIST 800-171) and how does it compare to NIST 800-53?

NIST SP 800-171 and NIST SP 800-53 both provide a set of security requirements for the protection of information and systems used by the government. The purpose and applicability of the security requirements depend on: 1) the information to be protected (controlled unclassified information (CUI) vs. classified information) and 2) the kind of system on which the information is processed, stored, or transmitted (nonfederal information system vs. federal information system).

Why you need a security program and how to get started…

A security program serves as a GPS for assessing and managing information security within the organization. This is a living document with strategies that include retaining the right resources, streamlining current processes, and implementing necessary technology.
