NIST 800-30 and the Risk Assessment Framework

Sep 16, 2021 Lazarus Alliance 0 Comment

Risk assessment has been and continues to be, one of the more challenging cybersecurity practices that many organizations will put into place. Unlike simple security control implementation and maintenance, risk assessment calls for your organization to understand how adopting, or not adopting, particular controls, operations or processes can impact security.

As the federal government and the defense supply chain are turning more and more attention to the importance of cybersecurity (including President Biden’s Executive Order on the subject and the several bills in Congress addressing limitations in our security posture), businesses working in that area will be expected to implement risk-based compliance. This fact, in turn, means that you must understand critical government frameworks that speak about risk.

In this article, we are discussing NIST 800-30 and how it serves as a foundation for risk assessment in government compliance.

What is NIST Special Publication 800-53 Compliance?

Sep 9, 2021 Lazarus Alliance 0 Comment

It makes sense that some of the more powerful and rigorous security regulations are in the federal government. As federal agencies turn to third-party IT vendors to fulfill their missions, the demand for transparent, translatable and effective security regulations is only increasing. That’s why NIST 800-53, now on its fifth revision, is so important for agencies and contractors alike.

Here, learn more about NIST 800-53, why it is so important to government (and, increasingly, private sector) IT security and why it benefits you to consider adopting its standards.

What is Data Governance and Why Is it Important?

Sep 2, 2021 Lazarus Alliance 0 Comment

Data is such a rich and complex part of our modern society that several disciplines have risen around its management. Most enterprise businesses have data governance policies in place to support their business, security and compliance objectives, and these policies are evolving at a rapid rate.

Here, we want to introduce the concept of a data governance policy and why it is important for your business. It doesn’t matter if you are a small vendor or a multi-site enterprise; having data governance policies in place is a necessary part of doing business.