Make Cyber Risk a Priority with these Six Tips

The Main Types of Security Policies in Cybersecurity

In 2020, security breaches cost businesses an average of $3.86 million, but the cost of individual incidents varied significantly. The main factor in the cost variance was cybersecurity policies and how well they were implemented. Cost-mitigating factors include security best practices such as encryption and vulnerability testing, but board involvement in creating and enforcing […]

5 Important Risk Management Best Practices

The 5 Components of Risk Management

Every business must contend with risks, some chosen deliberately and others an inherent part of the environment in which the business operates. Founding a business, launching products onto the market, employing people, collecting data, building systems—these are all essential to growing a successful business. They are also all sources of risk. But a business doesn’t […]

PCI DSS Compliance: What Do SAQ, AoC, and RoC Mean?

The Payment Card Industry Data Security Standard, or PCI DSS, was established as a standard security requirement for all entities that store, process, or transmit cardholder data. PCI DSS compliance helps to demonstrate your security commitment and assure your clients that their cardholder data is protected. When you engage in a PCI DSS audit, you’re […]

Using NIST 800-53 vs. NIST 800-171 in a FISMA Audit

When any organization engages in a FISMA audit, its information systems are categorized according to FIPS 199 and FIPS 200 to determine security categories and impact levels. Then, those systems are tested against a tailored set of baseline security controls. Depending on whether an organization is a federal agency or a private sector entity, different […]

FISMA vs. FedRAMP

FISMA and FedRAMP audits are often confused because both involve compliance around government data. But when you dive into the details of each audit, you’ll recognize that the differences are stark. Let’s talk through each of these compliance audits and how you can tell them apart from one another. What is FISMA? The Federal Information Security […]