DHS Cybersecurity Readiness Evaluation Factor (CRF): What SMBs Need to Know
By Chor-Ching Fan and David Trout DHS Introduces New Cybersecurity Readiness Evaluation Factor (CRF Scoring) In a recent development that could significantly impact [...]
By Chor-Ching Fan and David Trout DHS Introduces New Cybersecurity Readiness Evaluation Factor (CRF Scoring) In a recent development that could significantly impact [...]
By Chor-Ching Fan Introduction In the rapidly evolving cybersecurity landscape, FedRAMP authorization has become a critical necessity for tech companies serving Federal government [...]
By Chor-Ching Fan The Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board has approved the Rev. 5 baselines, aligning them with [...]
By Chor-Ching Fan NIST SP 800-171 is a publication by NIST that provides security requirements for safeguarding Controlled Unclassified Information (CUI). The guidelines [...]
by David Trout When working in the federal IT space, next to proactive security, compliance is everything. Thousands of pages of requirements exist between the Federal Acquisition Regulation (FAR) [...]
By David Trout NIST 800-171 security controls are purposely designed to be broad, so that individual contractors can adapt them to their operations. While this non-specific approach supports a [...]
By Chor-Ching Fan Finding areas where your security controls are lacking does not mean NIST 800-171 compliance is out of reach. If you are unable to meet all NIST [...]
By Chor-Ching Fan The adage “your greatest strength is also your worst weakness” applies to compliance frameworks too. NIST 800-171 requirements were designed to be flexible, which turns out [...]