Blog

Getting CMMC certified takes time and preparation. This guide covers the five practical steps to go from zero to certified

This comprehensive guide covers everything you need to know about the NIST 800-171 Basic Assessment and the steps you can take to build a compliance process.

Scoping FCI & CUI is a necessary step to make NIST 800-171 & CMMC compliance more feasible and cost-effective. Read the Complete Scoping Guide.

This complete CMMC guide will review everything contractors need to know about CMMC, including its structure, requirements, and certification process.

SaltyCloud attended the 2022 EDUCAUSE Cybersecurity and Privacy Professionals Conference (CPPC and did a lot. These are our highlights

TX-RAMP is a new vendor risk management regulation for Texas state agencies and public higher education institutions. Here’s everything agencies need to know

The Department of Defense has released CMMC 2.0, introducing several new updates. Here are the six key takeaways contractors need to know

Learn how to establish a successful vendor risk management (VRM) program at a higher education institution using the Higher Education Cloud Vendor Assessment Toolkit (HECVAT) with our practical guide

The Department of Education Federal Student Aid Office (FSA) has announced its Campus Cybersecurity Program for Title IV Higher Education Insitutions

The DFARS Interim Rule came into effect on September 29, 2020, and it affects Higher Education Institutions that conduct DoD-sponsored research

Learn everything you need to know about the GLBA in Higher Education with our comprehensive blog post

Conducting a GLBA Pre-Audit Assessment will serve as evidence for your auditors and a guide for your institution

IT Risk Assessments are a critical component of any mature security program. Learn how to conduct your own with this quick guide.

Regulations can help direct our efforts to where work might need to be done, but risk assessments give us advance notice of exactly where those gaps might be. Using a variety of applicable regulatory frameworks, anyone can shore up their compliance through the use of questionnaire-based risk assessments.

For anyone in the medical field, HIPAA sets the standards for the use and protection of medical information and impacts every organization across the healthcare ecosystem, whether interacting with patients or not. As if the threat (and reality) of breaches wasn’t enough, the regulators behind HIPAA mean business when it comes to compliance.

Executing a risk assessment and protecting sensitive consumer information under the New York State Department of Financial Services (NYDFS) cybersecurity regulations

As you start to focus on the issues discovered during a cybersecurity risk assessment, figuring out how to address them can prove difficult. However, there are a few strategies that can help

Using spreadsheets to conduct a risk assessment can be a powerful tool, but they have their limitations.

In-house and outsourced IT risk assessments both have their advantages and disadvantages. Depending on your institution’s needs, it is important to explore different arrangements

Justifying even a modest, incremental budget for a security program can be challenging. A few checklist key tactics can help you make a difference when convincing your key stakeholders

A security risk assessment is a daunting task for any security team. This article will uncover the five biggest problems that they face