Draft Rules Published for Cyber Incident Reporting Requirements

March 29, 2024

On March 27, the US Cybersecurity and Infrastructure Security Agency (CISA) published draft rules detailing requirements for critical infrastructure companies…

Read More

Safeguards Rule Breach Notification Requirements Updated for Non-Banking Financial Institutions

November 2, 2023

The Federal Trade Commission (FTC) has given the green light to changes to the GLBA Safeguards Rule Breach Notification requirement.…

Read More

Comparing FedRAMP and StateRAMP

September 12, 2023

For Cloud Service Providers (CSP) hoping to win business with federal, state, and local government entities, their product(s) will likely…

Read More

NIST CSF 2.0 Draft Released

August 21, 2023

The widely used NIST Cybersecurity Framework (CSF) is getting its first major upgrade in nearly a decade. Following more than…

Read More

Cybersecurity Legislative Activity: Summer 2023

August 7, 2023

The Summer of 2023 has been a busy stretch regarding cybersecurity legislative activity. Here’s a recap of some of the…

Read More
FedRAMP Rev. 5 servers

FedRAMP Rev. 5 Released

June 21, 2023

The Federal Risk and Authorization Management Program (FedRAMP) helps government agencies protect federal information while utilizing the power of cloud…

Read More

An Early Look at CMMC 2.0

May 23, 2023

Update: This article has been updated to reflect the DoD’s publication of the draft CMMC Proposed Rule (CMMC 2.0). The…

Read More

Conducting a GLBA Risk Assessment

May 1, 2023

Under the latest version of the Gramm-Leach-Bliley Act (GBLA) Safeguards Rule, element two is the requirement to conduct a risk…

Read More
GLBA cybersecurity requirements

GLBA Cybersecurity Requirements: What Your Organization Needs to Do

April 25, 2023

On June 9, 2023, new Gramm-Leach-Bliley Act (GLBA) cybersecurity requirements that reflect updates to the Safeguards Rule component of the…

Read More

Protecting Your Data When it’s in the Hands of a Third-party

February 6, 2023

Auto-maker Nissan sent out a breach notification letter to approximately 18,000 people, notifying them that personal information had been leaked…

Read More

Finding a credible expert with the appropriate background, expertise, and credentials can be difficult. CompliancePoint is here to help.