Control Origination Demystified

Control Origination can be confusing. Get it wrong and your System Security Plan (SSP) control definitions will not be attestable or certifiable. This series of illustrations provides an explanation to guide you through Control Origination requirements present in all NIST and FISMA assessments such as FedRAMP, 800-53, HIPAA, CJIS, DFARS, 800-171 and others. All controls originate…

HHS Publishes Healthcare Cyber Security Guidelines Based on NIST CSF

New HHS publication outlines top cyber threats & best practices for healthcare industry

Noting that cyber security is “the responsibility of every health care professional, from data entry specialists to physicians to board members,” the U.S. Department of Health and Human Services (HHS) has published Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP).…