type:

Article

Check out our extensive library of blog articles to stay informed of the latest cybersecurity and compliance news and information.

Article

NIST SP 800-171 Series: Security Assessments

Requirement 12 of the NIST SP 800-171 Rev. 2, Security Assessment, requires a periodic assessment of the security controls in organizational systems to determine if they're effective in their application. Here are the steps your organization should follow when performing a security assessment.

Compliance
Security Assessment Steps about the NIST SP 800-171 Series: Security Assessments
Article

Proper MFA Configuration and PrintNightmare

Organizations are continuing to outsource and fulfill needed services with third-party partners and cloud services providers. Unfortunately, an increased reliance on third-parties can also increase the organizations’ exposure to risk, and we continue to see more breaches of third-party systems.

Third-Party Service Providers
Security Recommendations about the Proper MFA Configuration and PrintNightmare
Article

The Lifecycle of Third-Party Vendor Management and Security Assessments

While you may be outsourcing services and related responsibilities, the responsibility for the associated risk will always remain with your organization, so it is critical to carefully vet all vendors to ensure they are not creating security risks to your organization’s sensitive data.

Third-Party Service Providers
Third-Party Vendor Management about the The Lifecycle of Third-Party Vendor Management and Security Assessments
Article

GLBA Safeguards Rule Updates

Organizations are being encouraged to assess their current information security programs now and structure the necessary plans to achieve GLBA compliance with the amended requirements.

GLBA
Updates to the Safeguards Rule about the GLBA Safeguards Rule Updates
Article

A Security Advisor Holiday Wishlist

When a Security Advisor performs an assessment to evaluate current compliance status and identify any potential gaps, there are several things they are often looking for that will make the path to compliance less bumpy. If CampusGuard’s team of Advisors could write to Santa this year, this would be their list.

Cybersecurity
Security & Compliance Wishlist about the A Security Advisor Holiday Wishlist
Article

PCI DSS: Merchant Levels Explained

Merchant levels are based on the volume or number of card transactions for each card brand over a 12-month period. As the number of transactions increases, it makes sense that the risk of a data breach is also increasing, therefore, the fact that the PCI DSS requires additional steps to maintain and verify PCI compliance also makes sense.

PCI DSS
Methods for Attesting Compliance about the PCI DSS: Merchant Levels Explained
Article

Cashless Campus: Inevitable or Improbable?

Although there are many benefits to diversifying your organization's payments strategy, change should be approached gradually and methodically, with great consideration towards your customer culture and state and local laws.

Payments & Treasury Solutions
Cashless Campus Considerations about the Cashless Campus: Inevitable or Improbable?
Article

Defining GLBA Scope in Higher Education

As colleges and universities work to review their environments and proactively implement the necessary safeguards defined within the NIST SP 800-171, determining what exactly is in scope for GLBA can be challenging. What information falls under the GLBA umbrella and where can this data be found across campus?

GLBA
GLBA Scope about the Defining GLBA Scope in Higher Education
Article

Incident Response: The Critical Role of the Help Desk

Help desk and service desk personnel provide much more than just basic troubleshooting and technical support. With appropriate training, they can also make a significant impact in the prevention or early identification of security breaches.

Incident Response
Help Desk's Incident Response Role about the Incident Response: The Critical Role of the Help Desk