Aug 6, 2020 | Compliance, Cybersecurity, ISO27001
An Overview of CMMC The Cybersecurity Maturity Model Certification, also known as CMMC, is a new standard for implementing cyber security controls across the 300,000 companies in the DOD’s supply chain. This framework combines controls and ideas from several NIST,...
Aug 4, 2020 | Compliance, Podcast
Podcast: Play in new window | DownloadSubscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | MoreWe’re joined by Kristof to dig into another compliance frontier, the Cybersecurity Maturity Model Certification (CMMC)....
Jul 28, 2020 | Compliance, Cybersecurity, ISO27001
Who Needs ISO 27001? Every day we hear from organizations being asked if they are 27001 compliant and what they need to do to become compliant. The ISO 27001 standard provides a very well-rounded assessment to prove you have an effective information security...
Jul 21, 2020 | Compliance, ISO27001, Podcast, Uncategorized
Podcast: Play in new window | DownloadSubscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | MoreOn this week’s episode we’re talking to Kristof about ISO 27001. We cover the who, what, when, why, and how of ISO and...
May 5, 2020 | Case Study, Compliance, Cybersecurity, Incident Response, Information Security, Podcast, Professional Services, Vulnerability Scanning
Podcast: Play in new window | DownloadSubscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | MoreOn this week’s episode of Pwned, Justin and Zack are joined by Eric and Randy, two operators from our penetration...
Mar 3, 2020 | Compliance, Information Security, NIST 800-53, Payment Card Industry, Risk Management
With acronyms inside of acronyms and hundreds of pages of documentation, choosing a framework for a security controls assessment seems like a daunting task. NuHarbor Security has years of experience working with different controls frameworks, and we have laid out the...
Jun 3, 2019 | Compliance, Cybersecurity, HIPAA, Information Security, ISO27001, NIST 800-53, Payment Card Industry
By: Justin Fimlaid The Ohio Data Protection Act was passed in August of 2018 and went into effect as of November 2018. What’s unique about this data protection law is that it’s unlike recently passed privacy legislation recently seen in California and...
Apr 22, 2019 | Audit, Compliance, Cybersecurity, Tenable, Vulnerability Scanning
By: Justin Fimlaid Every organization has different needs related to their vulnerability management program. This varies from the scanner used (cloud or on premise), the places where sensors are deployed, the technology environment, and the needs of your vulnerability...
Apr 15, 2019 | Compliance, Cybersecurity, Information Security, Penetration Testing, Vulnerability Scanning
By: Justin Fimlaid If you haven’t heard of it there is a new banking directive in the U.K. called the Open Banking Directive. This directive went into effect on January 13, 2018. It’s significant for U.S. based banks, because this Directive could apply...
Apr 8, 2019 | Audit, Compliance, Cybersecurity, Information Security
By: Justin Fimlaid First things first, if you are interested in elections security have not heard of Estonia’s electronic voting system I’d encourage you do some research starting with this blog post. There is a lot to Estonia’s e-Government initiative,...
