The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, Retail, Financial Services, Healthcare, Higher Education, Payments, and Government.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts.


  • Long-awaited changes to the nation’s cybersecurity infrastructure become reality

    FedRAMP Advisory Directors, Coalfire

    There is a lot of buzz in the biz about the ripple effects of President Biden’s “Executive Order (EO) on Improving the Nation’s Cybersecurity,” which comes on the heels of the Colonial Pipeline hack. The pipeline, which delivers about 45% of the fuel used on the Eastern Seaboard, was shut down after a ransomware attack by a group of alleged criminal hackers who call themselves “DarkSide.”
  • Third party risk management and the cloud

    Bob Post, Managing Principal, Strategy, Privacy, Risk

    Risk is inevitable with third party vendors that have access to your company and client data. With expanding attack surfaces, dispersed supply chains, and IoT issues on the rise, TPRM (third party risk management) is becoming a more mission-critical security practice in the cloud. Let’s look at problems and solutions.
  • The road to secure crypto: start getting risk management priorities on your threat modeling radar

    Karl Steinkamp, Director, PCI Product and Quality Assurance

    While attending the biggest event in crypto history earlier this month in Miami, it struck me that, although irrational over-exuberance was the mood, the reality is really sinking in: We are in a new payments industry paradigm shift. It’s not a fad anymore, and it’s not going away. An exclamation to the event was the notice that on June 9, 2021, El Salvador officially adopted bitcoin as legal tender (currency) for the country.

  • What you need to know: Transitioning CSA STAR for Cloud Controls Matrix 4.0

    Chase Kimberly, Principal of Standardization, Coalfire

    In January of this year, the Cloud Security Alliance (CSA) released a major revision to its widely adopted Cloud Controls Matrix (CCM) in the form of version 4.0. This comes in the middle of a calendar year where several alternative information security frameworks are also expected to be refined, including the HITRUST CSF, ISO/IEC 27002, and PCI DSS.

  • Payments paradigm shift

    Karl Steinkamp, Director, PCI Product and Quality Assurance

    Crypto assets have been around for over a decade, and with the recent Coinbase IPO, we believe we are well past the point of calling this a “passing fad.” In fact, we believe that crypto assets — particularly bitcoin — have now passed the tipping point from being considered an unconventional investment vehicle to an international payment system.

