DHS Cybersecurity Readiness Evaluation Factor (CRF): What SMBs Need to Know
By Chor-Ching Fan and David Trout DHS Introduces New Cybersecurity Readiness Evaluation Factor (CRF Scoring) In a recent development that could significantly impact [...]
Now is the Time for FedRAMP Automation with OSCAL
By Chor-Ching Fan Introduction In the rapidly evolving cybersecurity landscape, FedRAMP authorization has become a critical necessity for tech companies serving Federal government [...]
A Summary of FedRAMP Rev. 5 Baselines
By Chor-Ching Fan The Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board has approved the Rev. 5 baselines, aligning them with [...]
Get Ready: NIST SP 800-171 Revision 3 Evolves to Enhance Cybersecurity Measures
By Chor-Ching Fan NIST SP 800-171 is a publication by NIST that provides security requirements for safeguarding Controlled Unclassified Information (CUI). The guidelines [...]
THE BEST SOLUTION FOR 800-171 SUCCESS
by David Trout When working in the federal IT space, next to proactive security, compliance is everything. Thousands of pages of requirements exist between the Federal Acquisition Regulation (FAR) [...]
NIST CONTROL REQUIREMENTS SEEM VAGUE?
By David Trout NIST 800-171 security controls are purposely designed to be broad, so that individual contractors can adapt them to their operations. While this non-specific approach supports a [...]
WHAT DO I DO IF I HAVE IDENTIFIED 800-171 GAPS?
By Chor-Ching Fan Finding areas where your security controls are lacking does not mean NIST 800-171 compliance is out of reach. If you are unable to meet all NIST [...]
NIST 800-171 COMPLIANCE…ARE WE THERE YET?
By Chor-Ching Fan The adage “your greatest strength is also your worst weakness” applies to compliance frameworks too. NIST 800-171 requirements were designed to be flexible, which turns out [...]