Artificial Intelligence: A relative reality
To differentiate what is marketing jargon from what CISOs can do with AI-enhanced products, security leaders were interviewed to find out which products embedded with AI deliver on their promises.
Read Article
Verizon Releases 2019 Payment Security Report (PSR)
Verizon has released its 2019 Payment Security Report (PSR). For the first time they have worked with other entities as contributors and Schellman was one of the first five entities who contributed.
Read Article
Transitioning into a Penetration Testing Role
This has been the most rewarding and engaging work and continues to be my dream job, and yet, the transition from full-stack web application developer to penetration tester was daunting.
Read Article
CMMC – the New Protocol Droid for DoD Compliance
US DoD has been working to revise funding procurement procedures DFARS. Most important are regulations which mandate that defense contractors meet NIST SP 800-171 standard that deals with CUI.
Read Article
FedRAMP at a Glance [Infographic]
Schellman has performed a third of FedRAMP assessed systems and is the #2 3PAO provider.
View Infographic
The Most Important Considerations in Building a DevSecOps Pipeline
Security Boulevard reached out to a panel of DevSecOps pros to learn more about key considerations and best practices for building a DevSecOps pipeline.
Read Article
A Spooky Tale of Cybersecurity
When it comes to cybersecurity, it’s the things we don’t know that can be the scariest.
Read Article, If You Dare
The Age of Coordinated Ransomware – What Is It, What Can You Do?
Though ransomware attacks aren’t a recent phenomenon, they seem to be increasing in frequency and intensity. If society has grown used to these kinds of cyberattacks, that’s about to change.
Read Article
A SOC-like Approach to PCI: PCI DSS v4.0
The 2019 PCI North America Community Meeting was held in beautiful Vancouver, British Columbia, Canada. The conference provided takeaways for PCI standards plus sneak peeks info PCI DSS v40.
Read Article
Changes Coming to PCI DSS in Version 4.0
The PCI SSC is preparing to issue a draft version of PCI DSS v4.0. It was apparent early in the presentation that the update to the PCI DSS is going to be the largest change since v3.0 in 2013.
Read Article
Schellman's Danny Manimbo Profiled on This Way to CPA
Schellman Senior Manager Danny Manimbo profiled by This Way to CPA on how earning his CPA opened doors in the accounting field, and shares tips for students taking the CPA exam.
Read Article
Valuable PCI Compliance Tips: Our Response
Security Boulevard recently published a list of valuable PCI DSS compliance tips which Schellman's team of QSAs reviewed and have offered insight and commentary on.
Read Article
Step Up: Take a Walk in the Shoes of Three CPAs
Learn how three young professionals have found success in their careers with the CPA credential.
Read Article
How to Exert Privacy Control Over Your Home Speakers
Three leading smart speaker technology makers have suspended contractor review of consumer recordings following disclosures that the devices are nearly always listening and have captured interactions.
Read Article
The Much Anticipated ISO/IEC 27701:2019
For those that were monitoring the wire, ISO 27001 was released the week of August 5th as an extension of ISO 27001 and 27002.
Read Article
Inside-out analytics: Solving the enigmatic insider threat
To protect their corporations against data breach from internal and external sources, CISOs have a tool that is effective at identifying breaches but some employees might find it intrusive: analytics.
Read Article
How Bots Can Tell When the C-Suite Is Lying
Companies are applying natural language processing (NLP), sentiment analysis and machine learning to the financial sector, evaluating earnings calls and other public meetings to unearth information.
Read Article
Wake Up Hospitality: Marriott Fine Proves GDPR Legislation Has Teeth
Marriott announced that the UK ICO communicated its intent to issue a fine of over $124 million for infringements of the GDPR in relation to the Starwood guest reservation database incident.
Read Article
Rundown: The Cloudy Role of FedRAMP
On Wednesday July 17th, I had the distinct honor of providing the assessor perspective at a FedRAMP hearing held by the Subcommittee on Government Operations—a subset of the House Oversight Committee.
Read Article
![FedRAMP at a Glance [Infographic]](https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY1MTAwJmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVkYzU4NTExOGU4OTAuanBnJnZlcnNpb249MDAwMCZzaWc9NTBjZGIyZTc2ZGRhNGJkNmE5NjRlMGNlNGYxYTczODA%25253D&size=1&version=1573490829&sig=dfba9f35991551aec00555bac4abfb3d&default=hubs%2Ftilebg-blogs.jpg)
