Lazarus Alliance Receives C3PAO Designation: A CMMC 2.0 Primer

In an era where cyber threats are constantly evolving, the importance of robust cybersecurity practices in the Department of War (DoW) supply chain should never be underestimated. The DoD relies on a vast network of defense contractors to support its mission, making the protection of sensitive information in the supply chain a critical concern. In response to this need, the DoD introduced the Cybersecurity Maturity Model Certification (CMMC) as a comprehensive framework to enhance the security posture of defense contractors and minimize the risk of cyber threats and data breaches.

The original CMMC framework, while effective, raised concerns among industry stakeholders, particularly regarding its accessibility for small and medium-sized businesses that work with the DoD. As a result, the DoD revised and updated the framework, introducing CMMC 2.0 to address these concerns and streamline the certification process. 

We’re discussing this critical security framework to mark Lazarus Alliance receiving its CMMC Third-Party Assessment Organization (C3PAO) accreditation. This article will provide an in-depth look at the key changes introduced in CMMC 2.0, how defense contractors can benefit from the updated framework, and guidance on preparing for CMMC 2.0 certification.

 

What Is OCTAVE and OCTAVE Allegro?

The importance of risk management cannot be overstated… and yet, many enterprises struggle with the practice due to a lack of standardization or expertise. And while the challenges that businesses face implementing risk management are understandable, they are no longer acceptable. 

This article will provide an in-depth overview of OCTAVE Allegro, a framework developed to help small and mid-sized businesses effectively approach risk management. Whether you are an IT professional, security analyst, or business owner, understanding the capabilities of OCTAVE Allegro can help you better protect your organization from cyber threats.

 

What Is ISO 27017 and How Does it Inform Cloud Security?

As cloud computing continues gaining popularity, organizations increasingly turn to cloud services to store and process their data. However, with this increased reliance on cloud services comes a heightened risk of data breaches and cyber attacks, making cloud security a critical concern for businesses of all sizes.

To address these concerns, the International Organization for Standardization (ISO) has published a code of practice for information security controls for cloud services: ISO 27017. This standard provides guidelines and general principles for securing cloud-based systems and protecting against potential security threats.

This article will explore the critical components of ISO 27017 and their importance in securing cloud-based systems. We will also discuss some of the best practices for implementing ISO 27017 in your organization and the benefits that it can provide. Finally, we will examine some challenges organizations may face when implementing ISO 27017 and offer guidance on overcoming them.

 
