What’s The Difference Between Compliance and Ethics? As we celebrate Compliance and Ethics Week, we have been thinking about some of the confusion that many people have about the roles that ethics and compliance play in organizations. In this article, we discuss the difference between compliance and ethics, and how they work together and separately […]
Category Archives: Privacy and Compliance
The United States Department of Justice (DOJ) has announced that it will start holding companies that have government contracts—and receive federal funding—accountable if they’ve put US information or systems at risk. Using the False Claims Act, the Civil Cyber-Fraud Initiative will seek out cybersecurity fraud committed by companies receiving federal grants and contracts. This announcement […]
Posting an accurate self-assessment of your Supplier Performance Risk System (SPRS) score is the new DFARS requirement as the DoD reviews CMMC compliance standards. Ever since NIST SP 800-171r2 requirements were published, businesses across the country who want to continue filling DoD contracts have been steadily updating their security controls in order to meet the […]
The security protections offered by Microsoft 365 give businesses new tools to safeguard data, even on remote workstations. As any IT professional will tell you, IT security is an ever-evolving landscape, with new threats emerging each year, and new tools being developed in response. While the security arms race often feels like it is escalating […]
What does the DOD’s new Cybersecurity Maturity Model Certification mean for your business? As of this year, the DOD is rolling out a new certification standard for contractors, with the aim of tightening cybersecurity protocols and reducing vulnerabilities to possible cyberattacks. While various other regulations in the past have included cybersecurity components, the Cybersecurity Maturity […]
The IRS has created a “Taxes-Security-Together” checklist to help accountants and tax preparers stay compliant. Should your business follow suit? It’s tax season, which means businesses around the country are pulling together their financial documents and submitting statements to their accountants. These documents are rich in sensitive information that can be exploited by identity thieves […]
When does security automation help businesses, and when does it cause more problems than it solves? The rise of automation has been a common theme in stories that touch almost every business sector—including IT. In fact, one of the places where automation has shown the most value has been in IT security, where it can […]
During the 2017 AIAG Supply Chain Summit, the formation of a new working group tasked with creating a set of information security standards was announced. These standards would be created for use by the OEM’s third-party suppliers and partners, and center around protecting OEM intellectual property during contract fulfillment. Five OEM’s participated in the working […]