Cyber Security vs. Compliance

Cyber Security and Compliance

As we continue to see crippling data breaches, new regulations like GDPR and California’s Consumer Privacy Act will become more common. But is maintaining compliance with current regulatory laws enough to protect your business from sophisticated cyber security attacks?

It’s important to note that these two elements of corporate reality – cyber security and compliance – are two distinctly different concepts. Becoming fully comprehensive in one does not mean you are also fully comprehensive in the other. Each concept covers a separate and distinct aspect of any company’s well-being, so both require independent analysis and effort to become fully operational as a stand-alone asset. Only when each is wholly sufficient in and of itself should they be considered as evidence of sound enterprise IT governance.

Accelerate the CMMC Certification Process

The Defense Department’s new high-profile cybersecurity regulation, CMMC, is on schedule for implementation this year. The CMMC Certification is part of the Defense Department’s push to protect industrial base networks and controlled unclassified information from cyberattacks. The CMMC rules will require contractors to be certified by third-party auditors, which will ensure that companies adhere to specific standards. Organizations will be required to meet different security requirements depending on the type of work they are doing, with level 1 being the lightest and level 5 the most stringent.

FedRAMP or FISMA – What’s the Difference

FedRAMP and FISMA

Government compliance standards can seem like a veritable alphabet soup. Making matters worse, many of them, like FedRAMP and FISMA, seem to overlap, and many organizations aren’t sure which rules are mandatory to do business. With the rise of cloud computing, there has been an increased emphasis within the government on transitioning to commercial cloud services. Federal agencies are mandated to move to cloud-based services if they are available to meet the agency’s mission need.

Two standards that seem to cause the most questions are FISMA and FedRAMP.
