A Summary of FedRAMP Rev. 5 Baselines
By Chor-Ching Fan The Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board has approved the Rev. 5 baselines, aligning them with [...]
Get Ready: NIST SP 800-171 Revision 3 Evolves to Enhance Cybersecurity Measures
By Chor-Ching Fan NIST SP 800-171 is a publication by NIST that provides security requirements for safeguarding Controlled Unclassified Information (CUI). The guidelines [...]
ICS/SCADA: Security and Compliance for Critical Infrastructure
By Celia Baker Security is vital for the continued performance and safety of the Industrial Control Systems (ICS) that help manage operations for oil and gas refineries, nuclear plants, [...]
DoD Revs Up Emphasis on 800-171 with Scoring Requirement
By Chor-Ching Fan When the recently released CMMC Interim Rule (DFARS Case 2019-D041) takes effect on November 30, 2020, the Department of Defense (DoD) will require defense contractors to [...]
DoD CMMC 1.0 Spec Released! What are My Options?
DoD CMMC 1.0 Spec Released! What are My Options? By Chor-Ching Fan and David Hall The DoD Cybersecurity Maturity Model Certification (CMMC) intends to be the new best way [...]
CMMC Says Goodbye to POAMs
By Chor-Ching Fan Under NIST SP 800-171, Department of Defense (DoD) contractors were considered compliant if they could demonstrate a plan for meeting security requirements at a future date. [...]
THE VIRTUAL COMPLIANCE OFFICER (vCO)
By Chor-Ching Fan Most of us have heard of on-demand virtual CISOs. A vCISO offers outsourced security expertise to businesses on a part-time basis. As demand for CISOs outstripped [...]
GOV FUNDS FOR SMBs CYBER SAFETY
By David Trout Many small-and medium-sized businesses (SMBs) are more vulnerable to cyberattack than large enterprises, due to their limited knowledge of cybersecurity practices and budget constraints. A recently [...]
SIMPLE CONTINUOUS COMPLIANCE MONITORING
By Chor-Ching Fan You did it! It was hard work, but you reached your goal: certified compliance. But wait. Compliance is not a one and done thing. Did you [...]
WHY RIZKLY IS RIGHT FOR CONSULTANTS?
By David Trout Rizkly was created to reduce client costs for compliance, so you can scale your consulting services to meet the needs of SMBs. You no longer have [...]