The NuHarbor Notice
What is NIST 800-171 for DFARS?
Author: Kristof Holm I often hear feedback from clients that National Institute of Standards and Technology (NIST) frameworks are too cumbersome and frustrating to implement, with a steep learning curve to understand all the requirements. I can empathize with them,...
read more
What exactly are the OWASP Top 10?
By: Eric Kobelski As a software developer turned security engineer, I continue to follow current development technologies, as it makes me more of an effective tester. One of the articles that I was reading contained an interview with one of the applications developers...
read more
Why Your Company Needs Third-Party Vendor Management Services
By: Paul Dusini We’ve all heard about data breach horror stories like Target’s staggering leak of 40 million customer credit and debit card accounts or Home Depot’s stolen 56 million payment card accounts. Considering the significant damage to a brand’s reputation and...
read more
NIST Cybersecurity Framework (NCF) Version 1.1 Changes
Author: Kristof Holm With recent updates to the NIST Cybersecurity Framework (CSF), now seems good a time as any to revisit the framework, highlight some of the advantages to leveraging it and discuss what these changes may mean going forward. NIST Cybersecurity...
read moreNot Your Father’s Controls – Keeping Your Vendor Assessment Process Updated
By Paul Dusini, Information Assurance Manager In a recent blog Less is More: Focusing Your Third-Party Vendor Risk Assessments on the Basics we provided guidance for developing the list of questions to use when assessing the security posture of your third-party...
read more