States Are Offering Carrots As Well As Sticks
Compliance, cybersecurity, Security Framework Mark Jennings Compliance, cybersecurity, Security Framework Mark Jennings

States Are Offering Carrots As Well As Sticks

For the past several years states have been passing privacy laws that impose stiff penalties on organizations that mishandle the personal information of their residents. However, a growing number of states have passed legislation that can provide legal “safe harbor” to those organizations that implement and maintain security measures based on a recognized cybersecurity framework.

Read More
Why CIS is the Best Security Framework for MSPs
Risk Management, Security Framework, CIS, MSP Mark Jennings Risk Management, Security Framework, CIS, MSP Mark Jennings

Why CIS is the Best Security Framework for MSPs

A couple of months ago I wrote about the importance of adopting a security framework to give structure and process to securing your practice. I went over several common frameworks and debated the pros and cons of each. In this article I am going to delve into the reasons why the Center for Internet Security (CIS) Frame work is the best for MSPs.

When we compared the NIST and ISO Frameworks to CIS, we discovered that NIST and ISO were somewhat loose and vague in regards to what controls needed to be implemented in order to be compliant. Both standards leave a lot of leeway for alternative approaches to meeting the standard of the control. While this flexibility may be desirable in some situations, it can be confusing and lead to lapses in security…

Read More