Feb 2, 2018 4:06:23 PM

6 Steps to NIST 800-171 Compliance

NIST 800-171 provides a framework for the protection of Controlled Unclassified Information (CUI). The framework is intended to guide nonfederal entities that work with and access the data of federal entities. However, NIST 800-171 also serves as a best-practice set of privacy and security controls for many types of unclassified data.

Topics: Cyber Assurance Insights, IT GRC, Cyber GRC, Cyber Regulations, Compliance, NIST 800-171

Jul 25, 2017 10:02:00 AM

What You Need to Know About Cyber Regulations

Everyone hears about cyber risk, but not everyone is aware that the federal government is taking steps to help protect public companies and investors from malicious hackers. Recently, the Senate moved forward a bill requiring public companies to 1) name a cyber security expert on the board or 2) explain the other cyber security steps taken if no board member has cyber security expertise (the Cybersecurity Disclosure Act of 2017). The bill has bipartisan support and is a common-sense next step. It is very similar to the requirement that came out of SOX for a financial expert on audit committees.

Topics: Cyber Assurance Insights, Cyber Regulations