How to Implement NIST Cybersecurity Framework

Organizations can no longer afford to view cybersecurity as a necessary evil and a mere cost center. Instead, they should view it as an integral component of their value propositions now that customers are increasingly wary about who they do business with. In other words, good security is good for business, not just because it helps mitigate risk, but because it opens the door to lucrative new ...

The NIST Framework Tiers Explained

The NIST Cybersecurity Framework is a leading global standard in cybersecurity, as well as the basis of many legal regulations and other standards. There are three main elements to the framework – the framework core, profiles, and implementation tiers. These tiers are intended to provide context for stakeholders to help determine the degree to which their organizations exhibit the characteristics ...

NIST CSF Controls: A Handy Checklist

One of the most common drawbacks of cybersecurity frameworks and standards is that they fail to make a sufficiently compelling case to business leaders. Many focus on the needs of IT teams and are technically complex and challenging to implement. Others are biased towards specific types of computing infrastructure or even specific vendors.

NIST Cybersecurity Framework for Small Business: 5 Useful Resources

One of the most pervasive myths about cybersecurity is that small businesses are less popular targets for malicious actors than large enterprises. However, even though it’s usually only the major data breaches that make the headlines, small businesses are actually a favorite target for attackers. Cybercriminals often view them as relatively easy targets who nonetheless have plenty of data worth ...

CMMC Certification: Why Managed Detection and Response is Critical

The Cybersecurity Maturity Model Certification (CMMC) requires a multilayered approach to information security. Of the 171 practices listed in the CMMC cybersecurity framework, 16 fall into the domain of identification and authentication (IA), which deals with user credentials like usernames and passwords.

DFARS 252.204-7012: How effective are your access controls?

Access control is one of the fourteen groups of information security requirements specified by the NIST 800-171 standard. The standard aims to set a baseline for controlling access to any sensitive data, and adherence to it is a requirement for any organization that forms part of the Defense Industrial Base (DIB). This is according to the DFARS 252.204-7012 clause, which has been included in DoD ...

DFARS 252.204-7012: 14 Control Families You Can’t Afford to Overlook

Any Department of Defense (DoD) contractor must comply with the security standards of the Defense Federal Acquisition Regulation Supplement (DFARS) before it can be given access to controlled unclassified information (CUI). 

5 IT New Year's Resolutions Your Company Should Have

In the dynamic world of technology, the only thing you can count on is change. Your business always needs to be one step ahead when it comes to protecting your assets against the rising tide of cybercrime and innovating quickly to capitalize on new opportunities. And with the end of the year just around the corner, now is a great time to reevaluate your technology strategy.