6 Key Updates in the NIST Cybersecurity Framework (CSF) 2.0
On February 26, 2024, the NIST published an update to their Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what it means for you.
On February 26, 2024, the NIST published an update to their Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what it means for you.
On September 29, 2023, the Federal Deposit Insurance Corporation (FDIC) announced the updated Information Technology Risk Examination (InTREx) procedures. If you’re curious about what changed, you’ve come to the right place.
On November 13, 2023, the Federal Trade Commission published a Final Rule in the Federal Register updating the Safeguards Rule. The rule includes changes to the incident notification requirements for financial institutions.
On Tuesday, October 24, 2023, regulators published an updated version of the Ransomware Self-Assessment Tool (R-SAT). In this blog, we’ll discuss what the R-SAT is, what got updated, and what you need to do about it.
In this article, we will look at the top features to consider when evaluating a phishing security awareness software.
In this article, we answer the question, "What’s the difference between policies, standards, controls, and procedures?" by setting definitions, looking at guidance, and providing some examples.
There are a lot of ways to write a policy and there are equally as many things to avoid. At Tandem, when we sit down to write a policy, we break our policies into the following key sections.
In this article, we will discuss why your policies are important and give you six tips to make sure they live up to their fullest potential.
In this article, we discuss how exactly to determine which incidents must be reported to your federal regulator, per the legal definition.
In this article, we’ll look at both the similarities and differences between the ISRA and the CAT and explain how they can best be used in harmony with each other.
Before deciding if you should outsource to a vISO, consider these 4 things that are some key risk factors and potential effects on your business.