As Barnes Dennig added another CCSFP this month, we wanted to reflect on the evolution of the Common Security Framework. Although the HITRUST Alliance was started by a consortium of healthcare industry leaders, the Common Security Framework (CSF) continues to address a number of criteria beyond HIPAA. It will be
The National Institute of Standards and Technology (NIST) recently released version 2.0 of its Risk Management Framework (RMF). The RMF addresses security, privacy, and supply chain risk in an integrated manner. One of the significant additions to the RMF is a step called Prepare. Prepare is intended to help organizations
Gift cards, bonuses and incentives are very popular throughout the end of the calendar year and in the opening months of the new year. Unfortunately, scammers are well aware of this, and they’re looking to cash in. As a result, companies are more vulnerable to Business Email Compromise (BEC) scams.
As of December 15, 2018, the 2017 Trust Services Criteria are officially in effect. Organizations that are issuing System and Organization Controls (SOC 2) Reports will need to ensure that their reports reflect the changes from the previous Trust Services Criteria and Principles. How these changes impact your SOC 2
In June 2018, the Ohio legislature passed Senate Bill 220, known as the Ohio Data Protection Act (the “Act”). The Act takes a new approach to cybersecurity in that it creates an affirmative defense for companies that suffer a data breach if they have a written cybersecurity program in place.
Technology is advancing at a rapid pace and with it comes many changes and opportunities. In the last few years alone, construction companies have integrated new technologies into the workflow to reduce inefficiencies and streamline processes. The integration of tools such as drones, Building Information Modeling (BIM), virtual reality and