NIST 800-171_3.9.1

NIST 800-171 3.9 PERSONNEL SECURITY 3.9.1 Screen individuals prior to authorizing access to organizational systems containing CUI. Personnel security screening (vetting) activities involve the evaluation/assessment of individual’s conduct, integrity, judgment, loyalty, reliability, and stability (i.e., the trustworthiness of the individual) prior to authorizing access to organizational systems containing CUI. The screening activities reflect applicable federal laws, Executive Orders, directives, policies, regulations, and specific criteria established for the level of access required for assigned…


NERC CIP-002 through CIP-014 Revision 6_CIP-009-6 3.1

NERC CIP-002 through CIP-014 Revision 6 Recovery Plan Review, Update and Communication CIP-009-6 3.1 3.1 No later than 90 calendar days after completion of a recovery plan test or actual recovery: 3.2.1. Update the Cyber Security Incident response plan(s); and 3.2.2. Notify each person or group with a defined role in the Cyber Security Incident response plan of the updates. M3. Acceptable evidence includes but is not limited to each of the applicable…


NIST 800-53_MP-6

NIST 800-53 Media Protection MP-6 Media Sanitization a. Sanitize [Assignment: organization-defined system media] prior to disposal, release out of organizational control, or release for reuse using [Assignment: organization-defined sanitization techniques and procedures]; and b. Employ sanitization mechanisms with the strength and integrity commensurate with the security category or classification of the information. What is a Cybersecurity Compliance Framework? You don’t need…


Is Your Supply Chain Resilient?

The major upheavals of the last couple of decades, such as the global recession and the COVID-19 pandemic, have demonstrated that firms will suffer severe setbacks if their supply chains are not resilient. An entire supply chain becomes vulnerable if one component is exposed to risk, just like a house of cards will topple if one section is out of balance. Supply chain resilience refers to an organization’s ability to use its…


How to Become a Resilient Organization

The last year and a half has taught us that the world can experience a tremendous change in a short time. Whether it’s rapid technological advancements, cyberattacks, stalling economies or even a global pandemic, only resilient organizations can weather these storms. That’s why the concept of organizational resilience is now more relevant than ever before. Organizational resilience is all about how well a company anticipates, plans for and responds to gradual…


Defense Strategies to Combat Insider Threats

Insider threats are among the most dangerous cyberthreats out there. Yet, organizations of all sizes seem to be either reluctant or negligent when it comes to fighting them. Over 50 percent of organizations don’t have an Insider Risk Response Plan and 40 percent don’t assess how effectively their technologies mitigate insider threats.1 Even though 59 percent of IT security leaders expect insider risks to increase in the next two years, very little…


Have You Seen These Parental Control Options?

Are your kids safe online? The Internet is a DANGEROUS place – so if you have children or teens, you’ve probably thought about their safety online more than once. Not taking action can lead to all kinds of TROUBLE down the road, so here’s what to do… Recently, Wired published a how-to article on parental controls for the big three… Google, Apple, and Microsoft. Chances are you and your family use at least…


Cyber Security Resolutions for SMBs

Small and mid-sized businesses still struggle to implement network security solutions. SMBs continue to identify budget constraints as the main barrier when it comes to IT security. This limitation in resources highlights another glaring statistic: 52% of SMBs surveyed did not have a dedicated IT security professional on staff or distribute this responsibility across other roles. Distributing network security functionality across several roles can seem like an effective way to manage the time…


The Road to Hell is Paved with Bad Passwords

What’s the worst that could happen? The day started like any other, nothing out of the ordinary. Peacefully about to chomp down on lunch. An imposing man in an expensive-looking suit was sent to summon me. Usually this happens if there’s been an accident or death in the family. With the first bite of food still in my mouth, I fumbled when asking, “Was there an accident?” His response, “I wasn’t…
