The Charles IT Blog

How Can Your Business Qualify Under the Safe Harbor Law?

How Can Your Business Qualify Under the Safe Harbor Law?

Several states across the United States, including Connecticut, recently passed the Cybersecurity Safe Harbor Law. This landmark legislation is important for both businesses and consumers because it helps protect companies from liability for cybersecurity breaches while ensuring they are meeting the minimum cybersecurity standards that further consumer data privacy.

Which Cybersecurity Frameworks Qualify for Safe Harbor?

Which Cybersecurity Frameworks Qualify for Safe Harbor?

The Health Insurance Portability and Accountability Act (HIPAA) enabled the development and implementation of standards for storing and handling protected health information (PHI). All covered entities (CE) that handle patient data, including pharmacies, hospitals, and even employers that provide health insurance plans to their employees, must follow these standards. HIPAA rules also apply to ...

What Is Connecticut’s Safe Harbor Law?

What Is Connecticut’s Safe Harbor Law?

The pandemic has proven to be a major challenge for businesses of all sizes, not only in terms of operations but also data security. With the rise in online communications and remote work, there has been an increase in the number of cyberattacks targeting businesses across the country.

Why Security Awareness Training Is Essential for CMMC Compliance

Why Security Awareness Training Is Essential for CMMC Compliance

The US Department of Defense (DoD) works with over 100,000 companies and their subcontractors that are part of the Defense Industrial Base (DIB) sector. This sector “enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet US military requirements.” Given the amount of money and highly ...

How Does Vulnerability Scanning Keep My Company Compliant?

How Does Vulnerability Scanning Keep My Company Compliant?

Maintaining compliance with government regulations can be daunting for many companies. This is especially true when it comes to the Cybersecurity Maturity Model Certification (CMMC), which requires Department of Defense (DoD) contractors to implement specific security controls in order to protect sensitive data pertaining to national security.

How Dark Web Monitoring Can Help Achieve CMMC 2.0 Compliance

How Dark Web Monitoring Can Help Achieve CMMC 2.0 Compliance

On November 4, 2021, the US Department of Defense (DoD) announced a massive revamp of the Cybersecurity Maturity Model Certification (CMMC 1.0) program. The new framework, dubbed CMMC 2.0, aims to eliminate red tape for small- and medium-sized businesses and strengthen cooperation between the DoD and contractors in addressing ever-evolving cyberthreats.

How Encryption Can Help Keep Your Organization Compliant

How Encryption Can Help Keep Your Organization Compliant

The Cybersecurity Maturity Model Certification (CMMC) guides organizations in building and strengthening their cybersecurity posture into manageable chunks. Apart from specifying controls that every Department of Defense (DoD) contractor and subcontractor must implement, the CMMC model also requires key cyber initiatives to ensure that data is protected on all fronts from unauthorized access. One ...

Backup & Disaster Recovery's role in the CMMC framework

Backup & Disaster Recovery's role in the CMMC framework

The Cybersecurity Maturity Model Certification (CMMC) framework is the basis for Department of Defense (DoD) efforts to safeguard controlled unclassified information (CUI) across its vast worldwide supply chain. This framework comprises 171 practices that are stacked across 17 domains and 43 capabilities, each of which belongs to one of the maturity levels in the model.

What Security Services Are Necessary to Be Compliant with CMMC 2.0?

What Security Services Are Necessary to Be Compliant with CMMC 2.0?

On November 4, 2021, the Department of Defense (DoD) announced a massive overhaul of the Cybersecurity Maturity Model Certification (CMMC 1.0) program. The new framework, dubbed CMMC 2.0, is still being finalized and not yet publicly available, raising a lot of questions for many Defense Industrial Base (DIB) contractors and subcontractors about how they’ll need to adjust.

CMMC 2.0: Understanding the New Framework

CMMC 2.0: Understanding the New Framework

The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity assessment program developed by the US Department of Defense (DoD). It is aimed at measuring the maturity of a defense contractor’s cybersecurity processes toward demonstrating compliance with standards for protecting federal contract information (FCI) and controlled unclassified information (CUI).