2022 brought a flurry of legislative activity regarding state data privacy with very little effective action being taken. Looking toward the new...
Elevate Insights
2023 AI Bias Audit Laws
USA AI Bias Audit Laws The NY automated employment decision tools law Update as of December 15, 2022: Due to the volume of comments the NYC...
Physical Pen Testing
Getting Ahead of the Threat – Why Physical Penetration Tests Matter for Your Business With the focus on cybersecurity taking top priority in today’s...
SWIFT CSP – How to Do It Yourself and Other Valuable Information
SWIFT Customer Security Program (CSP) launched in 2016 in response to the sophisticated cyber attacks on SWIFT users, the Customer Security Program...
ISO 27001, HITRUST and SOC 2 – What Are the Differences?
In our industry, there is an endless assortment of compliance frameworks that result in certifications and audit reports you can give to your...
HITRUST – i1 or R2?
HITRUST CSF is an international compliance standard set for the Healthcare industry. It was developed in 2007 to provide information protection,...
Are You Ready for SWIFT ISO 20022 In November?
On July 5, 2018, an announcement was published by the Federal Reserve Board, which described the intent to adopt and migrate to the new...
DUNS Has Been Replaced, Say Hello to UEI
In this article, we look at the switch from DUNS to the Federal Contractor UEI Number. Early last month, the United States federal government...
PCI DSS v4.0 is being released NOW – What is known about the newest version?
If your organization is involved with credit card processing in any way, the PCI DSS (Payment Card Industry Data Security Standard) is integral to...
CMMC 2.0 – Extended-Release Dates Among Rule-Making Delays
In this article, we look at factors affecting DoD CMMC 2.0 Release Date. Since its initial release in the fall of 2021, the original CMMC model (now...
Is your Financial Institution aware of the FTC’s Final Rule Implemented in January 2022?
In October of last year, in an effort to strengthen data security measures, the Federal Trade Commission (“FTC”) announced that...
CMMC 2.0 Update – What Do These Changes Mean for Your Organization?
CMMC 2.0 Update Three major changes were announced for CMMC: fewer security tiers, new level definitions and requirements, and allowance for “Plan...
Is the CMMC Leaning Towards Self Certification for 2022?
In this article, we look at the progress toward CMMC Self Certification. That is the question that everyone is placing a major bet on. Unfortunately, the...
The OWASP Top 10 has a new look for 2021
Since the Open Security Summit in 2017, the OWASP Top 10 has provided an established data-collection process. In 2021, the OWASP 10 has a new look....
Are you ready to Attest to the 12/31/21 Federal Reserve Bank’s Security Standard?
In this article, we discuss the New FedLine Standard. Starting December 31st, 2021, all institutions that use FedLine Advantage or FedLine Web are...
PCI DSS v4.0 Update – Major Security Changes to the Payment Industry
Rapid changes in how payments are made, seemingly constant technology upgrades, and the relentless pursuit of providing secure transactions are all...
Migrating Great Plains To Dynamics 365 – What You Need To Know
Based on current versions, Microsoft has issued extended end-dates for Migrating Great Plains to Dynamics 365 ranging from 2023 through 2028. Fig. 1...
Major Update – ISO/IEC 27002:2022 Published
In this article, we look at the ISO 27002 Major Update. A Brief History of ISO (ISO 27002 Major Update) The origins of the ISO 27001/2 standard go...
New Federal Cyber Security Standards – Executive Order to Improve the Nation’s Cyber Security
On May 12, 2021, President Biden signed the Executive Order on Improving the Nation’s Cyber Security in efforts to protect the federal...
Are You Ready for the 5-Tiered CMMC Framework this Fall?
Since November 30, 2020, the interim rule issued by the DoD initiated a 5-year phased rollout, introducing the new CMMC Framework Requirement in...
The Skinny on IT Compliance Certifications from Hardest to Easiest (including HIPAA)
FedRAMP certification is by far the hardest to achieve due to the large scope of controls, documentation requirements, required third-party assessment organization (3PAO) review, and authorization by a government authority. The average cost of obtaining FedRAMP certification ranges from hundreds of thousands up to a million dollars.