Risk & Compliance News.

Mar 8th, 2021 - Every person running a business will not all have the same talent and nor should things be that way. For the skills that every business does not possess or does not have time to do then the best option is outsourcing. Software development is a common area of business that is outsourced to third parties across the globe. Software development outsourcing can be considered as having a third party handle any or all their IT needs from cybersecurity to app maintenance. Some organizations may be a ... [Read More]

Mar 8th, 2021 - Threat actors have successfully targeted defense contractors over the years because they haven’t fully secured their networks, thus creating serious vulnerabilities in U.S. national security. To combat this challenge, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) framework was born. So, what exactly is this framework? According to the DoD’s website, the CMMC is a “unifying standard for the implementation of cybersecurity, which includes a ... [Read More]

Mar 8th, 2021 - Zero trust adoption challenges many organizations. It isn't a specific technology to adopt, but a security initiative that an enterprise must understand, interpret, and implement. Enterprise security initiatives are never simple, and their goal to improve cybersecurity posture requires the alignment of multiple stakeholders, systems, acquisitions, and exponentially changing technology. This alignment is always a complex undertaking and requires cybersecurity strategy and engineering to succeed. ... [Read More]

Mar 8th, 2021 - There has been a significant increase in investments in the healthcare space throughout the COVID-19 pandemic. According to Crunchbase , $14.2 billion globally and $9.2 billion domestically in the United States were invested into this industry in 2020. The importance of mental health, distributing vaccines, and personalized care is only becoming more relevant in the world, leading to greater demand for health services of all kinds. But along with the increase in healthcare venture fundraising, ... [Read More]

Mar 5th, 2021 - While navigating an unexpected shift toward remote work in 2020, many global enterprises began to fully recognize the risks associated with tying essential business applications to a single physical workplace. Brightflag, the AI-powered legal spend management and matter management platform, announced its achievement of SOC 2 (Type II) and SOC 1 (Type II) certifications without exceptions. Following the recent renewal of the company’s existing ISO 27001:2013 certification, these attainments ... [Read More]

Mar 4th, 2021 - In the third installment of a five-part series, five senior compliance practitioners outline their best-practices strategies for protecting their firms from data breaches. ANDREW BEAGLEY Chief Risk Officer OptimEyes.ai Years in compliance: 30 KORTNEY NORDRUM Regulatory Counsel & CCO Deluxe Years in compliance: 7 LAURIE ROBERTS Founder and President Cheatham Roberts Consulting (Formerly Managing Director and CCO of Civitas Capital Group) Years in compliance: 26+ KC TURAN SVP, Chief Risk, ... [Read More]

Mar 3rd, 2021 - 3 Security Issues Overlooked By the NIST Framework For most companies, the first port of call when it comes to designing a cybersecurity strategy is the National Institute of Standards and Technology (NIST) Cybersecurity Framework. This is good since the framework contains much valuable information and can form a strong basis for companies and system administrators to start to harden their systems. Following the recommendations in NIST can help to prevent cyberattacks and to therefore protect ... [Read More]

Mar 2nd, 2021 - Over the next five days, five senior compliance practitioners will answer questions on managing cyber-risk, how to best prevent and detect a data breach, and other data security and privacy topics. Today’s question: ANDREW BEAGLEY Chief Risk Officer OptimEyes.ai Years in compliance: 30 KORTNEY NORDRUM Regulatory Counsel & CCO Deluxe Years in compliance: 7 LAURIE ROBERTS Founder and President Cheatham Roberts Consulting (Formerly Managing Director and CCO of Civitas Capital Group) Years in ... [Read More]

Mar 1st, 2021 - DoD: Get Started With a CMMC Self-Assessment Now | Apptega The U.S. Department of Defense (DoD) recommends prime contractors and subcontractors in the Defense Industrial Base (DIB) prepare for Cybersecurity Maturity Model Certification (CMMC) requirements in contracts now even though no organizations are yet accredited to conduct official certification assessments. CMMC Background and Current Status In January 2020, the U.S. government released the first version of its CMMC program, followed ... [Read More]

Mar 1st, 2021 - Even if you haven’t used any Governance, Risk and Compliance (GRC) software yourself, you’re likely familiar with this category of software. As regulations proliferated and the risk landscape became more volatile in the past decade, many organizations found themselves struggling to keep up with regulations and wrestling with how to best protect their organizations from emerging threats. Recent surveys have found that today’s enterprises are spending more resources on meeting compliance ... [Read More]