-
Establishing a VRM Program with the HECVAT
Learn how to establish a successful vendor risk management (VRM) program at a higher education institution using the Higher Education Cloud Vendor Assessment Toolkit (HECVAT) with our practical guide
-
The Step-by-Step Guide to Prepare for the CMMC
Preparing for and acing the CMMC starts with a CMMC Pre-Assessment. Get started today with our practical step-by-step guide
-
The NIST 800-171 Basic Assessment Complete Guide
The NIST 800-171 Basic Assessment is an interim requirement for all DoD contractors ahead of the CMMC. Plan your assessment with our complete guide.
-
Everything about the Cybersecurity Maturity Model Certification (CMMC)
The CMMC is here for DoD contractors who handle FCI or CUI. Learn everything you need to know to comply with our comprehensive CMMC guide.
-
Scoping CUI & FCI for NIST 800-171 & CMMC Guide
In order to minimize the scope of a NIST 800-171 or CMMC assessment, you must identify where CUI & FCI live and segregate it into an enclave
-
Understanding the Campus Cybersecurity Program by the Department of Education
The Department of Education Federal Student Aid Office (FSA) has announced its Campus Cybersecurity Program for Title IV Higher Education Insitutions
-
DFARS Interim Rule & Higher Education
The DFARS Interim Rule came into effect on September 29, 2020, and it affects Higher Education Institutions that conduct DoD-sponsored research
-
Everything about the GLBA in Higher Education
Learn everything you need to know about the GLBA in Higher Education with our comprehensive blog post
-
Conducting the GLBA Pre-Audit Assessment
Conducting a GLBA Pre-Audit Assessment will serve as evidence for your auditors and a guide for your institution
-
Conducting IT Risk Assessments Quick Guide
IT Risk Assessments are a critical component of any mature security program. Learn how to conduct your own with this quick guide.
-
Higher Education Regulations Quick Guide
Regulations can help direct our efforts to where work might need to be done, but risk assessments give us advance notice of exactly where those gaps might be. Using a variety of applicable regulatory frameworks, anyone can shore up their compliance through the use of questionnaire-based risk assessments.
-
HIPAA Compliance Guide
For anyone in the medical field, HIPAA sets the standards for the use and protection of medical information and impacts every organization across the healthcare ecosystem, whether interacting with patients or not. As if the threat (and reality) of breaches wasn’t enough, the regulators behind HIPAA mean business when it comes to compliance.
-
NYDFS: Achieving the New Risk Assessment Requirement
Executing a risk assessment and protecting sensitive consumer information under the New York State Department of Financial Services (NYDFS) cybersecurity regulations
-
IT Risk Assessments: Prioritizing Risks
As you start to focus on the issues discovered during a cybersecurity risk assessment, figuring out how to address them can prove difficult. However, there are a few strategies that can help
-
IT Risk Assessments: Spreadsheets vs. Workflow Software
Using spreadsheets to conduct a risk assessment can be a powerful tool, but they have their limitations.
-
In-House vs. Outsourced IT Risk Assessments
In-house and outsourced IT risk assessments both have their advantages and disadvantages. Depending on your institution’s needs, it is important to explore different arrangements
-
How to Get Budget for an IT Risk Assessment
Justifying even a modest, incremental budget for a security program can be challenging. A few checklist key tactics can help you make a difference when convincing your key stakeholders
-
The Top 5 Problems Security Teams Face During Cybersecurity Risk Assessments
A security risk assessment is a daunting task for any security team. This article will uncover the five biggest problems that they face
