Starting in Q1 2025, software providers in the DoD supply chain must align their security with CMMC 2.0 standards. While many enterprise customers have been spending that past year getting ready, the reality is that most businesses don’t share this level of preparedness–specifically, small businesses. 

Meeting the challenges of a complex framework like CMMC can be challenging for SMBs with limited IT resources. Here, we’ll discuss how these organizations can prepare for their impending compliance requirements and maintain their contractual arrangements within the Defense supply chain. 

Read More

Generative AI is in the news, as usual. However, one of the big pushes we’re seeing lately is how the practices used by AI providers like OpenAI may violate user privacy. 

This, of course, is a big no-no for jurisdictions like the EU. 

Here, we’re dipping into the world of AI to talk about the latest complaint against OpenAI and how this speaks to privacy and GDPR compliance issues. 

Read More

In today’s digital age, cybersecurity is not just a technical necessity but a critical compliance requirement. Organizations worldwide face rigorous regulations to safeguard sensitive data and maintain public trust. 

The Common Criteria certification is a pivotal standard in cybersecurity compliance among these regulatory frameworks. 

This article will discuss how CC plays a role in other, more well-known security and privacy frameworks.

Read More