Solutions: Compliance & Privacy

Michelle Drolet

The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity standard introduced in 2020 to ensure that defense contractors and subcontractors protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). While the scope of the CMMC was initially limited to organizations within the Defense Industrial Base, it was recently expanded to include universities and colleges since many of

Michelle Drolet

The Payment Card Industry Data Security Standard’s 4.0 requirements are designed to protect card information from theft or fraud. Here are some important controls that must be in place before April 2025. The Payment Card Industry Data Security Standard (PCI DSS) is a set of security requirements introduced by the Payment Card Industry Security Standards

Michelle Drolet

Approximately 1 in 3 SMBs were hit by a cyberattack last year—some costing upward of $7 million. The need to prioritize cybersecurity has never been greater. Let’s explore nine cybersecurity elements that organizations must prioritize for 2025. 1. Put Someone In Charge Just like you have an expert in charge of looking after your company’s finances, it’s

Michelle Drolet

The US Department of Health and Human Services (HHS), through its Office of Civil Rights (OCR), is proposing an update to the “Security Rule” of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The proposed Security Rule requires entities like healthcare providers, business associates, and health plans to improve cybersecurity practices. This is the first update the Security Rule has received since 2013, and it’s mostly driven by escalating cyberattacks resulting

Janelle Drolet

If you’re in charge of payment card data at your company, you’ve probably come across the term PCI DSS. No, it’s not some secret code; it stands for Payment Card Industry Data Security Standard. Basically, it’s a set of rules designed to keep your customers’ card info safe from cyber crooks. Here to tackle today’s

Michelle Drolet

Just in time for the 2024 U.S. elections, cyberattacks and malicious activities are ramping up. For numerous reasons, elections are the perfect time for opportunistic cybercriminals to target businesses: • High visibility: Elections provide an ideal platform for nation-states and hacktivists looking for ways to undermine democracies, destabilize elections, damage reputations and steal campaign data. Since elections

Michelle Drolet

About 63% of organizations worldwide have partially or fully implemented a zero-trust strategy. For those who don’t know what zero trust means, it’s basically a security model that enforces strict verification for every user and device that is trying to access applications or other company assets. So why is zero trust suddenly so popular? There are several

Michelle Drolet

The Federal Trade Commission’s Standards For Safeguarding Customer Information Rule (aka The “FTC Safeguards Rule”) is a regulation requiring entities to develop, implement and maintain a comprehensive information security program consisting of appropriate administrative, technical and physical safeguards to keep nonpublic personal/customer information secure. Although this regulation came into effect in 2003, it was updated

Michelle Drolet

HIPAA audits are back! The Office of Civil Rights (OCR), a branch of the U.S. Department of Health and Human Services (HHS) which oversees enforcement of HIPAA compliance, announced the return of their HIPAA audit program due to an exponential rise in cyber-attacks in the healthcare sector. According to IBM, the average cost of a

Janelle Drolet

Our VP of Sales and Operations, Janelle Drolet, shares her “10 Things I know about… Compliance Risk” with Worcester Business Journal. 10) No place to hide: The regulations, laws, and frameworks an organization needs to comply with will depend on its industry, location, and the type of data it processes. IBM cites the average cost