What’s The Difference Between Compliance and Ethics? As we celebrate Compliance and Ethics Week, we have been thinking about some of the confusion that many people have about the roles that ethics and compliance play in organizations. In this article, we discuss the difference between compliance and ethics, and how they work together and separately… read more
The United States Department of Justice (DOJ) has announced that it will start holding companies that have government contracts—and receive federal funding—accountable if they’ve put US information or systems at risk. Using the False Claims Act, the Civil Cyber-Fraud Initiative will seek out cybersecurity fraud committed by companies receiving federal grants and contracts. This announcement… read more
If your business plans to work with the DoD, you will need to meet the appropriate level of cybersecurity preparedness. With each year bringing an increase in the number and sophistication of cyberattacks, the DoD has made an ongoing priority to improve security around its network of suppliers and contractors, especially with regard to Federal… read more
Posting an accurate self-assessment of your Supplier Performance Risk System (SPRS) score is the new DFARS requirement as the DoD reviews CMMC compliance standards. Ever since NIST SP 800-171r2 requirements were published, businesses across the country who want to continue filling DoD contracts have been steadily updating their security controls in order to meet the… read more
The security protections offered by Microsoft 365 give businesses new tools to safeguard data, even on remote workstations. As any IT professional will tell you, IT security is an ever-evolving landscape, with new threats emerging each year, and new tools being developed in response. While the security arms race often feels like it is escalating… read more
What does the DOD’s new Cybersecurity Maturity Model Certification mean for your business? As of this year, the DOD is rolling out a new certification standard for contractors, with the aim of tightening cybersecurity protocols and reducing vulnerabilities to possible cyberattacks. While various other regulations in the past have included cybersecurity components, the Cybersecurity Maturity… read more
The IRS has created a “Taxes-Security-Together” checklist to help accountants and tax preparers stay compliant. Should your business follow suit? It’s tax season, which means businesses around the country are pulling together their financial documents and submitting statements to their accountants. These documents are rich in sensitive information that can be exploited by identity thieves… read more
When does security automation help businesses, and when does it cause more problems than it solves? The rise of automation has been a common theme in stories that touch almost every business sector—including IT. In fact, one of the places where automation has shown the most value has been in IT security, where it can… read more
Wondering why you keep being asked to allow cookies when you browse the Internet? Here’s the answer you’ve been looking for. You’ve probably heard of HTTP cookies (also known as “web cookies,” “browser cookies,” or simply “cookies”) before. Maybe you’ve visited a website and had it ask you for permission to use cookies and wondered… read more
During the 2017 AIAG Supply Chain Summit, the formation of a new working group tasked with creating a set of information security standards was announced. These standards would be created for use by the OEM’s third-party suppliers and partners, and center around protecting OEM intellectual property during contract fulfillment. Five OEM’s participated in the working… read more