Blog

A thorough knowledge of the risks a company faces is essential to operating a company in the 21st century. With digital technology powering more and more business operations, risks go far beyond the physical realm and into the digital. Understanding potential cyber risks, and what an IT security risk assessment is, can be invaluable to promoting a company’s potential success.

Digital tools are now core foundations of most company’s corporate infrastructure. However, these critical solutions are also a source of risk that can significantly harm your business if not managed properly. Safeguarding against such risks requires knowing what an IAM framework is and how it impacts your company's overall security posture. 

All businesses that deal with Protected Health Information (PHI) are required to adhere to HIPAA rules and regulations. Those that don’t, and are found to be in violation of its standards, can face hefty fines, reputation damage, and even legal action. Our HIPAA compliance checklist will help you avoid such consequences and become fully HIPAA compliant.

Securing your business’s online presence is not an easy task. It’s complex, resource-heavy that many businesses don’t quite know how to approach or manage effectively. There’s a lot of misinformation out there; it’s tricky for executives to know what security direction to go in without an internal Chief Information Security Officer (CISO) or a CISO as a Service provider.

Major initiatives, including cybersecurity, can be a challenge when everyone is already filling multiple roles in a growing organization. In this situation, it makes sense to look at operations holistically to ensure your projects are being implemented efficiently and will be sustainable.

This week, the guys welcome IT leader Ken Wiley, who shares about cutting-edge work in the field of supercomputing, insights gained from a highly successful IT and cybersecurity career, plus some current tech trends to watch closely. 

For more on Ken and Silverdraft, please see the links below. 

https://www.linkedin.com/in/wileyken/

https://silverdraft.com/

Have a great cloud application that is successful in the private marketplace and considering selling to the federal government? There is a proven path to do this that could propel your company to financial success and reputational notoriety by getting a Federal cloud authorization! Government sales of cloud applications and cloud services can be very lucrative - but first, let’s answer some basic questions about this process to understand it more.

"Do we need penetration testing?"

The Cybersecurity Maturity Model Certification (CMMC) is a third-party assessment program created by the DoD to gauge the maturity of an organization's cybersecurity practices and verify the protection of Federal Contract Information (FCI) as well as Controlled Unclassified Information (CUI). When CMMC 1.0 was released in 2017, there were concerns amongst government contractors as it was incredibly pricey for small organizations, contained vague language of CMMC assessment process, and did not include a lot of overlap in cybersecurity requirements to other federal requirements or commonly accepted standards.

Understanding your company's data life cycle is a critical aspect of your cyber risk management program. A recent article in Forbes Magazine quotes figures from Domo, a business intelligence company, who reports that 2.5 quintillion bytes of data are created every day, and that 90% of all data currently on the Internet was created in the past 2 years.