Blog

TX-RAMP is a new vendor risk management regulation for Texas state agencies and public higher education institutions. Here’s everything agencies need to know

Getting certified for the CMMC can seem like a daunting task. Here are 5 fool-proof steps you should take. Updated for CMMC 2.0. Read the guide

Scoping FCI & CUI and building an enclave is necessary to make compliance more efficient and cost-effective. Read the guide. Updated for CMMC 2.0

Everything you need to know about the CMMC, including its history, structure, requirements, and certification process. Updated for CMMC 2.0

The Department of Defense has released CMMC 2.0, introducing several new updates. Here are the six key takeaways contractors need to know

Learn how to establish a successful vendor risk management (VRM) program at a higher education institution using the Higher Education Cloud Vendor Assessment Toolkit (HECVAT) with our practical guide

The NIST 800-171 Basic Assessment is an interim requirement for all DoD contractors ahead of the CMMC. Plan your assessment with our complete guide.

The Department of Education Federal Student Aid Office (FSA) has announced its Campus Cybersecurity Program for Title IV Higher Education Insitutions

The DFARS Interim Rule came into effect on September 29, 2020, and it affects Higher Education Institutions that conduct DoD-sponsored research

Learn everything you need to know about the GLBA in Higher Education with our comprehensive blog post

Conducting a GLBA Pre-Audit Assessment will serve as evidence for your auditors and a guide for your institution

IT Risk Assessments are a critical component of any mature security program. Learn how to conduct your own with this quick guide.

Regulations can help direct our efforts to where work might need to be done, but risk assessments give us advance notice of exactly where those gaps might be. Using a variety of applicable regulatory frameworks, anyone can shore up their compliance through the use of questionnaire-based risk assessments.

For anyone in the medical field, HIPAA sets the standards for the use and protection of medical information and impacts every organization across the healthcare ecosystem, whether interacting with patients or not. As if the threat (and reality) of breaches wasn’t enough, the regulators behind HIPAA mean business when it comes to compliance.

Executing a risk assessment and protecting sensitive consumer information under the New York State Department of Financial Services (NYDFS) cybersecurity regulations

As you start to focus on the issues discovered during a cybersecurity risk assessment, figuring out how to address them can prove difficult. However, there are a few strategies that can help

Using spreadsheets to conduct a risk assessment can be a powerful tool, but they have their limitations.

In-house and outsourced IT risk assessments both have their advantages and disadvantages. Depending on your institution’s needs, it is important to explore different arrangements

Justifying even a modest, incremental budget for a security program can be challenging. A few checklist key tactics can help you make a difference when convincing your key stakeholders

A security risk assessment is a daunting task for any security team. This article will uncover the five biggest problems that they face