Archive

Aligning Cybersecurity and Third-Party Risk Management with Business Goals

March 25, 2025 In the cybersecurity risk world, we often encounter the issue of not speaking the same language as the business.

Rethinking Risk: ICS & OT Security with Purdue 2.0 and GRC

March 18, 2025 The rise of the extended Internet of Things (XIoT) across industrial (IIoT), healthcare (IoMT), commercial (OT, BMS/EMS/ACS/iBAS/FMS), and other sectors has brought remarkable efficienc…

Proactive Security: Navigating HIPAA’s Proposed Risk Analysis Updates

March 4, 2025 NOTE: This article discusses proposed changes to existing regulations.

Proposed Changes from the HHS to HIPAA Security Rule

February 11, 2025 Author’s Note: This article discusses proposed changes to existing regulations.

CMMC Is Here – Are You Ready? (Better Late Than Never)

December 16, 2024 Well, the day(s) some people said would never come are here: 32 CFR Part 170, the Cybersecurity Maturity Model Certification (CMMC) Program, hit the Federal Register as a Final Rule …

Understanding and Taking Advantage of the NYDFS Risk Assessment Requirement

December 11, 2024 As organizations prepare for the coming year, those affected by NYDFS may struggle to efficiently include the requirements in their plans.

Building and Enhancing OT/ICS Security Programs Through Governance, Risk, and Compliance (GRC)

November 21, 2024 Operational Technology (OT) and Industrial Control Systems (ICS) are critical components of many industries, especially those within the 16 critical infrastructure sectors.

NIST CSF 2.0 Is Here: How Will You Adapt?

October 8, 2024 The new NIST Cybersecurity Framework (CSF) 2.0 comes with multiple important and long-awaited updates.