Do I Need a Certified Third-Party Assessment Organization (C3PAO) Under CMMC 2.0?

Nov 24, 2021 Lazarus Alliance 0 Comment

The DoD recently released its framework for the next model in CMMC compliance and audits–CMMC 2.0. This revision is expected to streamline the compliance process and trim some of the extraneous requirements from the framework, helping contractors in the DoD supply chain better meet their requirements without introducing unnecessary challenges or redundancies.

One of the more important aspects of CMMC certification is the inclusion of third-party audits. With the introduction of CMMC 2.0, these requirements have changed to make certification easier for contractors without sacrificing security.

How to Recognize and Address Insider Threats

Oct 13, 2021 Lazarus Alliance 0 Comment

According to federal prosecutors with the U.S. Navy, veteran Johnathan Toebbe, alongside his wife Diana Toebbe, attempted to sell sensitive information regarding Virginia-class submarines. This wouldn’t be the first time an insider threat led to a potential leak of crucial military information, but the fact that it has happened in 2021 indicates that even in 2021, mitigating insider threats is still a vital issue.

This news should be abundantly clear that insider threats are still a significant problem in modern cybersecurity. Here we’ll discuss what insider threats are and what you can do to reduce or mitigate the dangers of these threats for your organization.

What is NIST 800-66, and How Does it Apply to HIPAA?

Sep 22, 2021 Lazarus Alliance 0 Comment

Cybersecurity is a community practice. Different innovations and discussions about new vulnerabilities, threats and controls inevitably influence security implementations in multiple markets and industries, depending on their applicability. This is just as true for healthcare, an industry generally governed by HIPAA. HIPAA, however, is complex, and organizations working in healthcare often look outside their own industry to help them better understand cybersecurity outside just hitting compliance checklists. That’s where NIST 800-66 comes in.

In this article, we’ll discuss HIPAA security and how it relates to NIST 800-66. This NIST document helps healthcare providers under HIPAA understand more advanced security controls that could support their compliance, privacy and cybersecurity controls.