The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Highlights from the HITRUST Third-Party Assurance Summit

    March 07, 2018, Andrew Hicks, Managing Principal, Coalfire

    The HITRUST TPA Summit brought together experts representing customers, vendors, and assessor firms in various aspects of risk management to share best practices, lessons learned and effective third-party risk management strategies leveraging the HITRUST CSF Assurance Program and HITRUST Assessment Exchange. Coalfire sent a team of healthcare experts to the Chicago event to meet with our HITRUST clients and folks from organizations who are thinking about a HITRUST journey. We were also there to find out what’s next for the HITRUST CSF, and we found out that the future is exciting!

    Read more
  • DFARS 7012 Compliance

    March 06, 2018, Mali Yared, Director, Cyber Risk Advisory, Coalfire

    At Coalfire, we field a lot of questions from government contractors about compliance with National Institute of Science and Technology (NIST) Special Publication (SP) 800-171. We also address requests for help with “DFARS 7012,” which is a commonly used shorthand for Defense Acquisition Regulation Supplement (DFARS) 252.204-7012. The information below should help to clarify some common questions around the purpose of each and links between them.

    Read more
  • NIST Interagency Report on IoT: An Incremental Step Toward IoT Standards

    March 05, 2018, Abel Sussman, Senior Project Manager, Commercial Services, Coalfire

    The Internet of Things (IoT) has been widely regarded as representing a significant cybersecurity risk, which will only grow as connected devices continue to proliferate. As an important step in addressing these concerns, the Interagency International Cybersecurity Standardization Working Group (IICS WG) has developed a draft National Institute of Standards and Technology Interagency Report (NISTIR) 8200, Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT). The report’s intent is to inform and enable policymakers, managers, and standards participants to seek timely development and use of cybersecurity standards in IoT components, systems, and services.

    Read more
  • New SEC Cyber Risk Disclosure Guidance: What Does It Mean for Public Companies?

    February 28, 2018, Nick Son, Vice President, Cyber Risk Services, Coalfire

    On February 21, the U.S. Securities and Exchange Commission (SEC) issued the long overdue cybersecurity interpretive guidance to address the methods and timing of cybersecurity risks and incidents disclosures. To signify the importance of this updated guidance, five SEC commissioners issued the guidance. The new guidance does not change any of the existing SEC rules, but it does address two new topics.

    Read more
  • NIST SP 800-171: What U.S. Government Contractors Need to Know

    February 27, 2018, Mali Yared, Director, Cyber Risk Advisory, Coalfire

    In December 2016, NIST released Special Publication 800-171, Revision 1: Protecting Controlled Unclassified Information in Nonfederal Systems. Since that publication, I have worked with dozens of government contractors to help them understand this publication and determine if and how it applies to their businesses. This is the first of a three-part series that explains the standard and provides guidance to firms that must comply with it.

    Read more
  • Displaying results 46-50 (of 313)
     |<  <  6 - 7 - 8 - 9 - 10 - 11 - 12 - 13 - 14 - 15  >  >| 

Recent Posts

Post Topics

Archives

Tags