• Training
    • Overview
    • Schedule
    • Catalog
    • Training Reviews
    • Delivery Options
    • About Our Training
    • Exam Pass Guarantee
    • Student Funding
    • Alpine Security GSA Schedule
    • DoD 8570/8140 Approved Training
  • Services
    • Overview
    • Medical Device Cybersecurity
    • CISO-as-a-Service
    • Penetration Testing
    • DFARS and CMMC Compliance Audit
    • Breach Prevention Audit
    • Cybersecurity Risk Management Program
    • Enterprise Security Audit
    • Alpine Services Reviews
  • Blog
  • News
  • About Us
    • About Us
    • Meet The Team
    • Why Alpine?
  • Contact
CISO Global (formerly Alpine Security)CISO Global (formerly Alpine Security)
CISO Global (formerly Alpine Security)CISO Global (formerly Alpine Security)
  • Training
    • Overview
    • Schedule
    • Catalog
    • Training Reviews
    • Delivery Options
    • About Our Training
    • Exam Pass Guarantee
    • Student Funding
    • Alpine Security GSA Schedule
    • DoD 8570/8140 Approved Training
  • Services
    • Overview
    • Medical Device Cybersecurity
    • CISO-as-a-Service
    • Penetration Testing
    • DFARS and CMMC Compliance Audit
    • Breach Prevention Audit
    • Cybersecurity Risk Management Program
    • Enterprise Security Audit
    • Alpine Services Reviews
  • Blog
  • News
  • About Us
    • About Us
    • Meet The Team
    • Why Alpine?
  • Contact

Compliance and Audit

What is the Difference Between CMMC, DFARS, and NIST 800-171?

What is the Difference Between CMMC, DFARS, and NIST 800-171?

...

Penetration Testing for Compliance: The Top 5 Laws and Regulations that Require Testing

Penetration Testing for Compliance: The Top 5 Laws and Regulations that Require Testing

Penetration testing offers two important benefits — security and regulatory compliance. Rising cybercrime, such as the Equifax breach, has affected millions of Americans who now insist on knowing that companies will keep their data secure. And government regulators are happy to help them do it by penalizing companies that do not comply with federal guidelines.

CIS Control 2:  Are You Running Software Unaware?

CIS Control 2: Are You Running Software Unaware?

CIS control 2 speaks to basic cybersecurity hygiene, only it is software and applications specific. Often, attackers will look for unpatched or unsupported software to target, regardless of the system it is running on, or the type of business using it.

General Data Protection Regulation (GDPR) Overview

General Data Protection Regulation (GDPR) Overview

The new European Union (EU) Regulation 2016/679 GDPR (General Data Protection Regulation) have gone into effect May 25, 2018. This will have a far-reaching effect and identify many possible repercussions for any organization collecting, processing, and/or storing any EU citizen’s information.  Your company need not be located in any of the EU countries; rather if your company collects any EU citizen’s information, your company must adhere to and be complaint to the new regulation. 

CIS Control 1:  The Beginning of Basic Cybersecurity

CIS Control 1: The Beginning of Basic Cybersecurity

The CIS Critical Controls were developed as a framework to not only ensure the successful realization of basic cybersecurity hygiene, but to lead to the planning and implementation of a robust security protocol. To build any cybersecurity protection schemata, it is necessary to know the extent of what it is you are protecting.

CIS Controls: A Cybersecurity Blueprint to Prevent Cyber Attacks

CIS Controls: A Cybersecurity Blueprint to Prevent Cyber Attacks

At the small to midsize business level, cyberattacks aren’t merely annoying — they can spell certain doom for those already struggling to get by. Hence the need for robust security protocol. That’s exactly what the Center for Internet Security provides with its Top 20 list of Critical Security Controls. While these controls have been in the making for well over a decade, they’ve recently gained greater prominence at the federal and state level — and among private entities. In this blog we offer an in-depth overview of this critical security tool, as well as suggestions for implementation.

How to Perform a Cybersecurity Risk Assessment: A Step-by-Step Guide

How to Perform a Cybersecurity Risk Assessment: A Step-by-Step Guide

Organizational leaders must understand that comprehensive, risk-based decisions are vital to balancing the force multiplying effects of information systems with the risk of those systems being inherently vulnerable to exploitation. If you want to prevent or reduce the likelihood of an attack, you have to risk management strategy: how your organization will frame, assess, respond to and monitor risk over time.

HIPAA Compliance Checklist: Are You Compliant?

HIPAA Compliance Checklist: Are You Compliant?

As a healthcare facility who deals with a lot of sensitive information, you have to make sure you’re HIPAA compliant. In this article, you’ll find a compliance checklist that’ll help you cover all your bases and are HIPAA compliant.

GDPR Overview and Compliance

GDPR Overview and Compliance

GDPR will affect any business that has access to, or has the ability to process, personal data of any EU resident. In other words, if your business sells small kitchen tools online, and you sell to European customers, your data collection and privacy practices will be impacted by GDPR. This regulation will become mandatory for any company that deals in Europe, regardless if the business is located inside or outside the European Union. GDPR is slated to go into effect on May 25, 2018.

Nobody Likes a Compliance Audit… and Why You Should Do Them Anyway!

Nobody Likes a Compliance Audit… and Why You Should Do Them Anyway!

Audits are necessary to determine whether or not an individual, company, or organization is meeting the requirements of a specific set of regulations or controls. Since certain regulations can impose steep financial penalties or other negative sanctions for non-compliance on both organizations and employees, it is extremely beneficial for organizations to routinely have compliance requirements verified and conduct audits to ensure continued compliance. 

Who Needs Pen Testing? 3 Industries that Rely on It

Who Needs Pen Testing? 3 Industries that Rely on It

Penetration testing – sometimes called white-hat hacking – is how companies manage risk, increase business continuity, and protect clients from data breaches. In highly regulated industries such as healthcare, banking, and service industries, it also helps companies stay compliant. SOC 2, HIPAA, and PCI DSS are three of the main regulations that require penetration testing.

Critical Security Controls: Part 0 – Introduction

Critical Security Controls: Part 0 – Introduction

Everyone knows that they need to improve the current state of their cybersecurity measures, but to many people this task is a daunting one.  “Where do I start?  What should I focus on first? What security measures will have the greatest impact on the security of my computer systems and network?” Don’t worry, the Center for Internet Security can answer all these questions, and help guide you to a more secure infrastructure. 

PCI DSS Version 3.2 Released – Key Changes

PCI DSS Version 3.2 Released – Key Changes

PCI version 3.2 changes include penetration testing every six months, replacing SSL with TLS, having a formal process for detection and reporting critical security control failures, and multi-factor authentication for admin accounts.

BLOG SEARCH:

Connect with Us

Interested in our cybersecurity training or services? Complete the form below and we’ll get back with you right away. We appreciate your interest.


Recent Posts

  • The State of Ransomware 2020
  • National Cybersecurity Awareness Month: 6 Things to Practice During the Month
  • Cybersecurity Checklist for Business Closures, Consolidations, and Acquisitions
  • What Is DevSecOps?
  • Cybersecurity and a Remote Workforce: What Does the Future Look Like?
  • 6 Penetration Testing Trends to Have on Your Cybersecurity Radar
  • Incorporating Privacy and Security by Design into MedTech
  • What is the Difference Between CMMC, DFARS, and NIST 800-171?
  • At Risk: Medical Device Cybersecurity Vulnerabilities Expose Patients to Life-threatening Consequences
  • 5 Reasons to Hire a Fractional CISO
  • Why Private Cybersecurity Training Matters for Your Organization
  • Is the CEH Certification Right For You?
  • Internal Penetration Test vs Vulnerability Assessment: Which is Right for You?
  • Best Beginner Cybersecurity Certification to Get
  • Penetration Testing for Compliance: The Top 5 Laws and Regulations that Require Testing

Alpine Security is a member of the CISO Global family of companies.

Contact Us:

  • CISO Global
  • 6900 E. Camelback Road, Suite 900 Scottsdale, AZ 85251
  • 480-389-3444
  • info@ciso.inc
  • www.ciso.inc

Get Info

About Our Training
About Our Services
Meet the Team
Blog
Terms of Use
Privacy Policy

Join The Community

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube
  • Mail

Proud Partners

© 2021 · Alpine Security, a Cerberus Sentinel Company