The Necessity and Challenges of Cybersecurity Program Maturity


The U.S. Department of Defense launched the Cybersecurity Maturity Model Certification (CMMC) in response to escalating cyber threats. This initiative underscores the increasing emphasis on the maturity of cybersecurity programs as a benchmark for assessment and standardization within the Defense Industrial Base and its extensive supply chain.

Yet, a surprising revelation from Infosecurity Magazine indicates that a mere 22% of organizations have fully matured their cybersecurity programs. 

This article discusses the foundation of cybersecurity maturity, its significance, and best practices. 


HIPAA and the Use of Online Tracking for Marketing Purposes


Due to some recent actions against online medical providers like BetterHealth and GoodRX, the Department of Health and Human Services has released a new warning for covered entities regarding the tracking methods they use on their websites. 

While web tracking has become a typical technology for most businesses, it's not a cut-and-dried proposition for healthcare providers, who have to maintain patient privacy.


CPAs and CISAs: Choosing the Right SOC 2 Auditor


In today's ever-evolving digital landscape, safeguarding data security and privacy is a central concern. As businesses increasingly depend on cloud services and third-party vendors to manage their data, it becomes crucial to ensure these service providers adhere to stringent security standards.

A prominent standard in this domain is the Service Organization Control 2, or SOC 2, a framework developed by the American Institute of Certified Public Accountants (AICPA). SOC 2 evaluates and reports on the controls at service organizations that directly impact customer data.

In this discussion, we delve into SOC 2 assessors and the essential factors to consider when selecting one.
