The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, Retail, Financial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • FedRAMP Tailored program for low-risk use cloud service offerings

    March 08, 2017, Abel Sussman, Senior Project Manager, Commercial Services, Coalfire

    On February 16, the FedRAMP Project Management Office (PMO) released the new FedRAMP Tailored security controls baseline for public comment (comment period closes March 17, 2017). The new FedRAMP Tailored security controls baseline was created for Cloud Service Providers (CSPs) who have cloud service offerings (CSOs) that do not require the more stringent process of FedRAMP Moderate or FedRAMP High security control baselines.

  • New York State Implements Cybersecurity Regulation 23 NYCRR 500

    March 02, 2017, Bob Post, Senior Practice Director, Cyber Risk Advisory, Coalfire

    On March 1st, 2017, sweeping new cybersecurity requirements were placed on organizations regulated by the New York State Department of Financial Services. The law applies to a broad set of ‘covered entities’ that are supervised by the NYDFS, including banks, trusts, budget planners, check cashers, credit unions, money transmitters, licensed lenders, mortgage brokers or bankers, and insurance companies that do business in New York. While large entities most likely meet these requirements already, and very small entities are exempted from some of the requirements, mid-market firms will be challenged to meet aggressive implementation timelines.

  • Cloud Burst?

    March 01, 2017, Jeremy Gibbons, AWS Channel Lead, Coalfire

    The cloud can burst!? This week’s AWS service disruption showed us the importance of architecting a system to account for failure, and how to be successful when deploying your solution in the cloud.

  • 2017 RSA Conference Highlights

    February 23, 2017, Holly Doucette, Events & Communications Manager, Coalfire

    Over five days, 45,000 consumers and thought leaders convened at the 2017 RSA Conference, sharing insights on how to stay ahead of today’s – and tomorrow’s – cyber threats. Coalfire was in the thick of it, and here we’ve compiled some of the most important takeaways.

  • SSAE No 18 effective for SOC reports dated May 1, 2017

    February 15, 2017, Jamie Kilcoyne, Managing Director, Coalfire Controls

    The AICPA Auditing Standards Board (ASB) announced new changes for SOC reporting under SSAE No. 18 in April 2016. A description of the changes and what they mean for service organizations is below.

    The AICPA’s attestation standards contain the requirements and application guidance for performing and reporting on examination, review, and agreed-upon procedures engagements. Since Service Organization Controls (SOC) reports are classified as “examinations”, the attestation standards apply to these engagements.
