What Are Operational POA&Ms in FedRAMP Equivalency?

Recently, the Department of Defense shook up the entire defense industrial base with the release of a memo titled “Federal Risk and Authorization Management Program Moderate Equivalency for Cloud Service Provider’s Cloud Service Offerings.” The memo, aimed at FedRAMP contractors and the CSPs they work with, clarifies the concept of equivalency and what it means to be equivalent to the FedRAMP/CMMC Moderate control standard.

5 ways Vanta customers use Trust Centers to demonstrate their security

Trust and transparency are key to winning customers today. Customers and prospects of all sizes need to know how you’ll protect their data before they can do business with you — which often leads to lengthy questionnaires, long security reviews, and stretched sales cycles as they work to understand your security posture.

Xalient achieves continued compliance with ISO 20000:2018 and expands scope to the Benelux region.

Xalient is proud to announce that it has successfully maintained its ISO 20000:2018 certification for Service Management in a recent audit, marking another milestone in its journey of operational excellence. This achievement, led by Craig Ingham, Xalient’s Group Information Security & Compliance Director, demonstrates Xalient’s dedication to providing high-quality IT services while successfully managing end-to-end service delivery.

HIPAA Compliance For Email

In the current era of digital technology, email has become an essential means of communication in the healthcare sector. It helps simplify processes, fosters teamwork, and enhances the quality of patient care. However, it is important that confidential patient data is kept secure and that all communications follow HIPAA email compliance procedures.

Preparing for PCI SSF Assessments and Audits Tips and Strategies

Welcome to our latest webinar recording on “Preparing for PCI SSF Assessments and Audits Tips and Strategies”, presented by VISTA InfoSec. This webinar provides an in-depth understanding of the Payment Card Industry Software Security Framework (PCI SSF) assessment and how to conduct audits and address the unique security challenges associated with software development and maintenance in the payment card industry.

What's an Identity Provider (IdP)?

You could have the strongest firewalls, encryption, anti-malware, vulnerability scanners, and risk management tools in the world and still leave one critical gap in your cybersecurity infrastructure — insider threats. And most of those threats come from poor identity management. But what, exactly, is good identity management? How do you pick the right identity provider for your organization?