Regulations, Frameworks, and Controls - November 12, 2021

Many companies struggle with all of the cybersecurity documentation, processes, and policies that can limit their business growth and REALLY stress them out. Omnistruct serves as an enterprise partner for the critical policies, processes, and documentation needed to make sure all of that data and revenue is well protected against cyber threats and that the company stays in compliance with all rules and regulations.

Zero Trust: What NIST’s Guidelines Mean for Your Resources

In its Special Publication (SP) 800-207 ‘Zero Trust Architecture’ published in August 2020, NIST pointed to the reality that many conceptualizations of zero trust position themselves in terms of what to exclude. Many of those take umbrage with perimeter defenses like firewalls in particular. As I’ve written before, zero trust and firewalls can coexist. By David Bisson I November 8, 2021 Read More

Implementing the NIST Privacy Framework – Protect Function

As previously published in an article outlining the best ways to leverage the NIST Privacy (NIST-P) Framework to assess data privacy posture, develop readiness roadmaps, and mature organizational privacy programs, The NIST Privacy Framework is a widely known control set used to assist organizations in identifying privacy risks within their business environment and allocating resources to mitigate these risks. By JD Supra I November 9, 2021 Read More

CMMC 2.0: Throwback Cybersecurity — Everything Old Is New Again

After months of review, on November 4, 2021, the Department of Defense (DoD) finally unveiled its new version of the Cybersecurity Maturity Model Certification (CMMC 2.0). Well, almost. In a blink-and-you’ll-miss-it moment, the Department posted, then quickly removed, new federal regulations in/from the Federal Register highlighting the changes in CMMC. By JD Supra I November 11, 2021 Read More