CMMC for Small Businesses: Getting Ready for Compliance

May 30, 2024 Lazarus Alliance 0 Comment

Starting in Q1 2025, software providers in the DoD supply chain must align their security with CMMC 2.0 standards. While many enterprise customers have been spending that past year getting ready, the reality is that most businesses don’t share this level of preparedness–specifically, small businesses.

Meeting the challenges of a complex framework like CMMC can be challenging for SMBs with limited IT resources. Here, we’ll discuss how these organizations can prepare for their impending compliance requirements and maintain their contractual arrangements within the Defense supply chain.

GDPR, Privacy, and OpenAI

May 22, 2024 Lazarus Alliance 0 Comment

Generative AI is in the news, as usual. However, one of the big pushes we’re seeing lately is how the practices used by AI providers like OpenAI may violate user privacy.

This, of course, is a big no-no for jurisdictions like the EU.

Here, we’re dipping into the world of AI to talk about the latest complaint against OpenAI and how this speaks to privacy and GDPR compliance issues.

Understanding NVLAP Common Criteria Testing

May 1, 2024 Lazarus Alliance 0 Comment

Government agencies (and their vendors and partners) are increasingly entrusted with sensitive data. Accordingly, protecting critical infrastructure and cybersecurity are both top priorities. The tools they use must come from time-tested and verified protocols to ensure they are secure and not tampered with. In turn, this means that these tools must come from labs that follow the strictest of requirements.

NVLAP Common Criteria certification serves as a valuable tool for governments to evaluate the security capabilities of IT products and systems before procurement.