NY Education Law 2-D - NIST CSF Compliance

Posted by ComplianceForge on Dec 13th 2019

For school districts in New York state, the NY education law 2-D is compelling school districts to comply with the NIST Cybersecurity Framework (NIST CSF) as a method to protect sensitive student data … read more

NIST 800-171 Rev2 & NIST 800-171B

Posted by ComplianceForge on Jun 19th 2019

The draft of NIST 800-171 rev2 was released today. Most importantly, there are no changes to the controls (e.g., basic and derived security requirements in chapter 3) from NIST 800-171 rev 1. Howev … read more

OMB M-19-03 Compliance

Posted by ComplianceForge on May 6th 2019

In late 2018, the Office of Management and Budget (OMB) released a memorandum that pertains to strengthening cybersecurity practices for High Value Assets (HVAs), which also includes privacy consid … read more

Ohio's Data Protection Act - A New Twist To Data Protection Laws

Posted by ComplianceForge on Feb 6th 2019

Most people do not regard their cybersecurity and privacy documentation as a proactive security measure. Documentation is oftentimes viewed as a passive effort that offers little protection to a co … read more