What is Application Scanning and Why Is it Important?

Jan 12, 2022 Continuum GRC 0 Comment

Security isn’t simply something to consider during audits. In today’s evolving threat landscape, new attacks are emerging every day, and security experts are racing to stay ahead of them. The best approach to mitigating security is to maintain proactive cybersecurity practices, including testing, self-assessments and application scanning.

Because many organizations are using or deploying web applications, application scanning is an increasingly necessary utility. Learn more about application scanning and why it’s essential for your business.

How Severe Are General Data Protection Regulation (GDPR) Fines?

Jan 5, 2022 Continuum GRC 0 Comment

We’ve already been seeing the changes for months now: new, robust cookie acceptance disclaimers, longer and more involved data collection forms and an uptick in fines for U.S. companies operating in the European Union.

Companies in the United States are starting to understand their regulatory responsibilities under EU law, but few actually understand the scope of their obligations. Here, we’ll discuss some of the impacts that GDPR has on U.S. businesses and if that will trickle down to companies of all sizes.

CMMC 2.0 Maturity Levels and NIST 800-171

Jan 1, 2022 Continuum GRC 0 Comment

The original CMMC (version 1.0) was based on several cybersecurity guidelines, most prominently NIST 800-171. With the announcement of CMMC version 2.0 in early November 2021, however, the alignment between the frameworks and the NIST document has changed a bit. Fortunately, this change seems to be for the better, or at least more intuitive, for assessors and contractors.

Here, we’ll discuss how the new CMMC 2.0 assessment levels align with NIST 800-171 and how this can help contractors more readily meet their security obligations once the new framework goes into effect.