With modern IT infrastructure becoming increasingly complex, intertwined systems managed through service providers and managing experts, the inevitable security problem rears its head. How can one organization, using several service providers, ensure their data security as it travels through those systems?

Over the past decade, enterprise and government specialists have refined the practice of risk management and security-focused on digital supply chain management. To support such efforts, the National Institute of Standards and Technology (NIST) released the newest revision, NIST 800-161, in May 2022. 

Read More

The Internal Revenue Service is one of the largest and most essential federal government agencies… which means that there is a lot of opportunity for third-party contractors and managed service providers to offer products to support its mission. It also means that these contractors will be expected to adhere to security standards, specifically those outlined in IRS 1075. 

Fortunately, IRS 1075 is aligned with other federal standards, all of which provide a sound security footing and potential to pivot services to other government agencies. Here, we’ll discuss some overlap between IRS 1075 and federal standards, specifically those related to the National Institute of Standards and Technology (NIST). 

Read More

FISMA is one of the foundational cybersecurity documents in the U.S. government. Its passage in 2002 and subsequent update in 2014 have defined the security landscape for federal IT systems and associated contractors. 

However, a one-two punch from Congress and the President has changed things again. With recent cyber threats causing major damage to public and private resources, an Executive Order from the Office of the President, coupled with updates implemented by Congress, has shaped, directly or indirectly, the implementation of FISMA.

Read More