by Andrea VanSeveren | Feb 26, 2021 | FedRAMP
FedRAMP is hot, and we’re seeing a big ramp-up in client inquiries about it. Just 214 Authorizations to Operate (ATOs) have been granted under the FedRAMP program since its inception in 2011. But 61 ATOs were granted or “in process”...
by John Verry | Sep 25, 2019 | InfoSec Strategies
A healthy level of skepticism seems to be an occupational hazard of working in information security. Hence, my hopes were not all that high when I recently sat down with a Boulevardier and the new ISO 27701 standard (“Security...
by Andrew Farkas | Jul 2, 2019 | ISMS Consulting
On many engagements, part of my role is helping clients see their initial information security objective in the context of a bigger security picture. For example, a new client just came to us having inadequately addressed a...
by Kevin Hermosura | Apr 11, 2019 | Third Party Risk Management
Recently I came across this blog post, which raises concerns that Amazon Web Services (AWS), a major player in many government cloud contracts worldwide—including the US Department of Defense—may be outsourcing security services to a...
by Kevin Hermosura | Apr 5, 2019 | Third Party Risk Management
When it comes to vendor risk management questionnaires, less can definitely be more. In this post, I’ll share three value-add tips on why and how to streamline your vendor review process and reduce the length of your questionnaires...