Sharing our expertise with you…

New CISO means new security strategy ...but should it?
Compliance, Controls, Cybersecurity, Information Security, Risk Management Stella Bridges Compliance, Controls, Cybersecurity, Information Security, Risk Management Stella Bridges

New CISO means new security strategy ...but should it?

During a recent discussion with a CEO of a Health System, he mentioned he had lost faith in his leadership and security team because the cybersecurity strategy keeps changing. “Every time there is a change in leadership, the cybersecurity strategy changes.”

Read More
What is DFARS Compliance (NIST 800-171) and how does it compare to NIST 800-53?
Compliance, Cybersecurity, Information Security, Government, Federal Stella Bridges Compliance, Cybersecurity, Information Security, Government, Federal Stella Bridges

What is DFARS Compliance (NIST 800-171) and how does it compare to NIST 800-53?

NIST SP 800-171 and NIST SP 800-53, both provide a set of security requirements for protection of information and systems used by the government. The purpose and applicability of the security requirements depends on; 1)    the information to be protected (controlled unclassified information (CUI) vs. classified information) and 2)    the kind of system on which the information is processed, stored, or transmitted (Nonfederal information system vs. federal information system.

Read More
Why you need a security program and how to get started…
Controls, Information Security, Cybersecurity, Risk Management Stella Bridges Controls, Information Security, Cybersecurity, Risk Management Stella Bridges

Why you need a security program and how to get started…

A security program serves as a GPS for assessing and managing information security within the organization. This is a living document with strategies that include retaining the right resources, streamlining current processes, and implementing necessary technology.

Read More