In today’s digital world, no matter what type of sensitive data you handle, attackers are hard at work developing ways to access it. The rash of high-profile security breaches making headlines every day is clear evidence of the struggle businesses …
On December 31, 2017, the deadline for compliance with the NIST 800-171, a mandate for contractors serving local and federal governments, came and went. This Special Publication provided guidance on the processes and procedures needed to adequately safeguard controlled unclassified …
The Procrastinator’s Blueprint for NIST 800-171 Compliance Read More »
More than two years ago, the Department of Defense (DOD) sounded the alarm for increased cybersecurity with a new set of controls designed to raise the level of safeguarding standards across the industry. The requirements specified in Defense Federal Acquisition …
3 Challenges to Meeting Supply Chain Cybersecurity Requirements Read More »
Every day, hackers and thieves are becoming more sophisticated, daring, and aggressive in their attempts to turn stolen data into substantial paydays. And with criminal entities regularly on the prowl for cyber weaknesses to exploit, it’s no wonder that the …
What does the Ohio Data Protection Act Mean for Your Business? Read More »
Cybersecurity at small and mid-sized businesses are often under-resourced with an “Army of One” approach to compliance and risk management. Compliance with regulatory requirements like DFARs 252.204-7012, HIPAA, PCI DSS, NERC CIP, Sarbanes Oxley (SOX) and more compete with actual …
CyberSheath Managed Services for Small & Mid-Size Business Read More »
Good hygiene habits are drilled into us from a young age, and for good reason! Neglect to wash your hands, take a shower, use deodorant, or brush your teeth, and you could find yourself friendless, dateless, and quite possibly sick. …
The 12-Step Program for Impeccable Cyber Hygiene Read More »
As cyber-attacks become more frequent and sophisticated, addressing tighter security needs has become a priority for the federal government. Enforcement of “Controlled Unclassified Information” (CUI) protection continues to intensify as private contractors and organizations are now required to upgrade their …
Why SSPs and POA&Ms Aren’t Enough for Compliance Read More »
CyberArk’s flexible pay-as-you-go method, enables CyberSheath to offer CyberArk’s advanced solutions without the huge up-front costs. CyberSheath delivers privileged access security as a single or multi-tenant solution, and your business only pays for what is deployed.
The U.S. Securities and Exchange Commission issued new guidance for public companies to be more forthcoming when disclosing cybersecurity risks, expanding on previous guidance issued in 2011. In addition to warning corporate insiders not to trade shares when they have information about cybersecurity issues that isn’t public, the guidance advised that internal or law enforcement investigations cannot be used as an excuse for not informing the public. The unanimously approved guidance, was published “interpretive guidance,” which the SEC uses to publish their views and interpret the federal securities laws and SEC regulations.
Cybersecurity has become a competitive discriminator in contract awards, decisions are already being made, in part, based on compliance with mandatory requirements and non-mandatory requirements.
