SOC 2 vs. NIST: A Comprehensive Comparison
by Jerry Hughes on October 2, 2024 at 1:00 PM
When comparing SOC 2 and NIST frameworks, it is essential to understand their respective roles in cybersecurity, compliance, and risk management. Both frameworks provide guidance for organizations seeking to protect sensitive data and ensure security, but they are designed with differ …
Which NIST Standard Is Most Important for Small Businesses?
by Andrew Paull on July 19, 2024 at 2:53 PM
Navigating the complexities of cybersecurity can be challenging for small businesses, but the National Institute of Standards and Technology (NIST) offers robust frameworks to help. This blog analyzes the various NIST initiatives and guidelines designed to enhance cybersecurity for sm …
NIST Cybersecurity Framework 2.0 – Key Takeaways
by Derek Boczenowski on March 7, 2024 at 1:30 PM
Last week, the National Institute of Standards and Technology (NIST) unveiled the second version of its Cybersecurity Framework (CSF), marking the first major new updates to NIST CSF since the framework's inception ten years ago. Initiated by Executive Order 13636, the development of …
Transitioning to CMMC 2.0 – The Five Stages of Grief
by Derek Boczenowski on November 10, 2021 at 2:46 PM
Late last week, the Pentagon put out a memo that stuck a knife in the heart of CMMC 1.0, to replace it with the new and shiny CMMC 2.0! CMMC is dead, long live CMMC!
An Introduction to CMMC Compliance
by Kyle Daun on September 30, 2021 at 1:00 PM
On January 31st, 2020, the Department of Defense (DoD) announced the release of the Cybersecurity Maturity Model Certification (CMMC), a framework aimed at assessing and enhancing the cybersecurity posture of the Defense Industrial Base (DIB), as it relates to Controlled Unclassified …
Stop Running from Privacy! Use the NIST Privacy Framework
by Jerry Hughes on February 19, 2020 at 1:00 PM
Take a look at your recent SOC 2 Type II Service Organization Audit, where there are five Trust Service Criteria (Security, Confidentiality, Processing Integrity, Availability, and Privacy). How about your last Health Insurance Portability and Accountability Act (HIPAA) Audit, where t …