Before this pandemic, many employees seldom worked outside of the office environment. Therefore, the main focus of InfoSec and Cyber Security was on the organization’s on-site communication infrastructure. The majority of company policies on this subject were centered around internal conduct and practices. That begs the question of whether or not companies were prepared for this unforeseen transition. Chances are that many businesses were caught off-guard by this recent development, and that is why the Information Technology Laboratory released a special bulletin for March 2020 that addresses Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions.
Managing Remote Access Security Risks During the COVID-19 Crisis
Jun 10, 2020 10:37:07 AM / by Jeffery Ratliff posted in cybersecurity, Strategy, assessments, telework, working remotely, COVID-19
Selling to Defense Organizations? Get introduced to DFARS
Jan 17, 2020 3:58:44 PM / by Vikas Bhatia posted in compliance, assessments, dfars, 800-171
Throughout its history, the Department of Defense (DOD) has relied on contractors, these are individuals or non-federal companies that supply services, supplies, or construction. Almost all of these relationships involve the sharing of sensitive information which could present some sort of risk.
How do I start a vendor management program?
Jan 6, 2020 11:38:06 AM / by Vikas Bhatia posted in compliance, assessments, 3rd party
You've probably heard how important vendor management is to the success of your information security program. But it's important that you learn how to start a vendor management program and perform assessments for it so that each assessment supports your business.