The Cybersecurity Maturity Model Certification (CMMC) Level 1 is designed to protect Federal Contract Information (FCI) and includes 17 basic cyber hygiene practices. These practices are grouped into six domains: Access Control, Identification and Authentication, Media Protection, Physical Protectio...
SOC 2 (System and Organization Controls 2) is a framework designed by the American Institute of Certified Public Accountants (AICPA) to manage and protect customer data based on five Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. SOC 2 compliance...
The Payment Card Industry Data Security Standard (PCI DSS) defines security requirements to protect environments where payment account data is stored, processed, or transmitted. It establishes a baseline of technical and operational requirements designed to safeguard payment data throughout its life...
The NIST Cybersecurity Framework (CSF) is a comprehensive guide designed to help organizations manage and reduce cybersecurity risks. It consists of five core functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a high-level, strategic view of the lifecycle of an organ...
ISO/IEC 27001 is an international standard for information security management. It provides a framework for establishing, implementing, operating, monitoring, reviewing, maintaining, and continually improving an information security management system (ISMS). This standard ensures the confidentiality...
The HIPAA Privacy Rule establishes national standards to protect individuals' medical records and other personal health information. It applies to health plans, healthcare clearinghouses, and healthcare providers that conduct certain healthcare transactions electronically. The rule mandates safeguar...
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was designed to improve the efficiency and effectiveness of the health care system by standardizing electronic health care transactions and ensuring the security and privacy of health information. It mandates national standards...
The CIS (Center for Internet Security) Critical Security Controls are a prioritized set of actions for cybersecurity that form a defense-in-depth set of specific and actionable best practices to mitigate the most common cyber attacks.
The California Consumer Privacy Act (CCPA), enacted in 2018 and effective from January 1, 2020, grants California consumers new rights over their personal data. These rights include knowing what personal data is collected, the ability to delete their data, and the right to opt-out of the sale of the...