Cybersecurity Articles

The Common Control Conundrum

What are Common Controls? Common controls are security controls that can support multiple information systems efficiently and effectively as a common capability. They typically define the foundation of a system security plan. Common controls are the security controls you need to do the most work to identify when developing your risk-based cybersecurity strategy and your system...

Think INSIDE the Box

Data Residency and Risk Management Data residency analysis is the process of determining the physical or geographic location of the data and digital artifacts that reside in your information system.  Luckily data residency for US public sector agencies is well defined.  The data and information resources of US government systems it needs to reside within...

Know Your Boundary

The first step in the six step risk management framework (RMF) process is categorizing your system.  The first step in categorizing your system is establishing the system boundary.  The boundaries of your system and how you categorize it will  drive your risk management strategy.  Your risk management strategy in turn defines your ongoing risk posture...