Compliance

Why Is CMMC a Big Deal?

The Cybersecurity Maturity Model Certification (CMMC) has been around for a few years, and in its short tenure it has itself matured. The current version of the CMMC is 2.0, released in November 2021. In the latest version of the model, the original five-level hierarchy was collapsed into three distinct levels: Foundational, Advanced, and Expert.

How to Make the Business Case for ISO 27001 Compliance

As a CIO at a mid-sized company, I faced a new challenge when vendors asked for more specifics about our information security and the protocols we have in place to safeguard our sensitive data. Naturally, those questions were directed toward the IT team (and were phrased in ISO 27001 terminology), which was initially challenging because we had limited knowledge of that particular standard.

HIPAA and Incident Response: How to Manage Security Incidents in a HIPAA-Compliant Environment.

Watch our webinar on “HIPAA and Incident Response: How to Manage Security Incidents in a HIPAA-Compliant Environment” for an amazing opportunity to learn about HIPAA and incident response in a HIPAA-compliant environment! VISTA InfoSec presents this informative session for organizations striving to achieve HIPAA compliance and enhance their incident response capabilities.

Webinar How Does NIST 800 171 R3 Impact Your CMMC Plans

Let’s avoid confusion and not lose focus. While NIST recently announced revision 3 of 800-171, its impact on government contractors and subs won’t be felt for years. DFARS 252.204-7012 requires compliance with Revision 2 now. SPRS scores (which can now be considered by the government when making contract awards) are based on Revision 2, and CMMC assessments, which will soon be required, are also based on Revision 2.

TrustCloud Releases World's First Free Security Questionnaire Tool and Compliance Sharing Portal for Startups

TrustShare™ application includes AI-powered security questionnaire responses and a dynamic compliance portal, so startups can pass security reviews and win crucial enterprise deals.

Free ISO 27001 Vendor Questionnaire Template (2023 Edition)

ISO 27001 is commonly used for assessing supply chain and data breach risks during due diligence. This post provides a free ISO 27001 vendor questionnaire template for a high-level evaluation of vendor information security standards. Though this security assessment template only broadly covers Supply Chain Risk Management aspects of ISO 27001, it should still be sufficient for identifying potential deficiencies in a vendor’s security control strategy requiring further investigation.