What Is Cybersecurity Maturity Model Certification Level 1?
When the Department of Defense revamped its cybersecurity program, it created the "Cybersecurity Maturity Model Certification" (CMMC). The DoD and its contractors are required to follow the CMMC, and businesses may be assigned a "level" of certification. These levels...
SolarWinds Attack
On December 8, 2020, corporate security management company FireEye reported on a serious issue in their blog. According to the publication, several of the company's accounts had been "attacked by a highly sophisticated threat actor", most likely a nation with...
SOC for Azure: Securing Microsoft Azure Environments
Blog If you’re looking for a SOC report for Microsoft Azure-hosted environments, you’re not the only one. Many companies working with sensitive data understand that there is shared responsibility for data confidentiality, integrity, and accountability. As...
SOC 3 Report: All You Need to Know
What is a SOC 3? System and Organization Controls 3 reports, also known as a SOC 3 report, is one of three audits that organizations can undertake to meet the specified Trust Service Principles, as defined by the AICPA. The audit is performed by accredited...
Vendor Key Performance Indicators
Blog Any successful IT company must have an effective IT vendor KPI management. Regardless of how talented each individual in the company is, tracking the KPI of vendor management is critical for any business to thrive. It’s always been common practice to...
5 Effective Vendor Due Diligence Best Practices
Assessing the reputations of the people and companies with whom you do business has always been standard practice. Formally known as the vendor due diligence process, most successful companies have another party examine how any vendor operates before allowing them...
Vendor Risk Management Best Practices
What Are the Best Risk Management Best Practices? Now that the global supply chain is becoming more complex, and companies are establishing relationships with an increasingly intricate network of partners, third-party risk management is imperative. We recommend to...
What Is “Third Party” in Third-Party Risk Management?
In an era when protecting digital assets is essential for all companies, you must find ways to identify and mitigate risks from your vendors and suppliers. It is your partners, suppliers, and sub-contractors who enable your organization to thrive and diversify. These...
Third Party Data Breaches: All You Need to Know in 2020
What Is a Third-Party Data Breach? In short, a third party breach occurs when a secondary vendor for a product has sensitive data stolen from them. In previous decades, the most common form of the breach was a primary breach, when attacks were on their direct targets....
What is the Cybersecurity Maturity Model Certification (CMMC)?
The Cybersecurity Maturity Model Certification (CMMC) is a standardized set of requirements developed by the Department of Defense (DoD). Every contractor and governmental subcontractor to the DoD that stores, processes or manages Controlled Unclassified Information...
