A-LIGN Insights: October 2021

In this issue we share exciting upcoming features for A-SCEND, reveal the top cybersecurity trends for 2022, discuss important federal compliance updates and more.

Featured Content

The Top Cybersecurity Trends for 2022
What’s the greatest risk for an organization when it comes to cybersecurity? The human factor. Learn why cybersecurity awareness and education for every employee plays a critical role in preparing your organization for a cybersecurity event.  You won’t want to miss our Technical Knowledge Leader and Research and Development Director, Joe Cortese, weigh in on the topic!
Learn More

Events

PCI SSC Global Community Forum
A-LIGN is proud to be a sponsor of the PCI SSC Global Community Forum.  You won’t want to miss Dustin Rich, A-LIGN’s PCI DSS Practice Lead, and John Baughman, A-LIGN’s Solutions Advisor, discussing how technology can help streamline your PCI DSS audit.  Register now for October 26-28 and be sure to visit us during A-LIGN’s vendor showcase!
Learn More


Compliance News

How Technology Helps Cloud Service Providers Achieve FedRAMP Certification
Tony Bai, A-LIGN’s Federal Practice Lead, and Emily Cummins, Anitian’s Director of Cloud Security, team up to discuss how technology can make your journey to FedRAMP certification a more streamlined process, saving you time and resources.

Justice department battles to contain ransomware attack 
In an article by ITWeb, they reported that South African government entities are increasingly falling victim to cyber attacks, after the South African National Space Agency (SANSA) became the latest government entity to suffer such an incident.

Examining the Popularity of the SOC 2 Audit
Is your organization planning for a SOC 2 report?  You’re not alone.  In our 2021 Compliance Benchmark Report, SOC 2 emerged as the most popular audit for cybersecurity, IT, quality assurance, internal audit, finance, and other professionals across a variety of industries.

What Does the Deadline on Federal Event Log Management Mean for My Organization?
A new cybersecurity executive order deadline on event log management has many technology companies wondering if they have to take action. Our Federal Practice Lead, Tony Bai, explains what this update means and if it will affect your organization.

The Most Common Challenges of the Audit Process
In our 2021 Compliance Benchmark Report, we learned that lack of time and limited dedicated resources available for compliance projects are very common pain points.  In this blog, we discuss the most prevalent audit challenges hindering organizations today, plus our thoughts on how to solve these issues.


FedRAMP Update

FedRAMP recently provided updated Authorization Boundary Guidance that has since been in draft form for public comment and should be followed by all cloud service providers (CSPs) and third-party assessment organizations (3PAOs).  The outcome is that all non-FedRAMP authorized external services that store, process, or transmit any federal data or metadata cannot be submitted for a Readiness Assessment Report (RAR) review.  This announcement from FedRAMP is considered a showstopper per the latest FedRAMP Guidance.  Please note this new guidance outlines FedRAMP’s requirements that are in effect and only directly affects RARs, not Initial or Annual Security Assessment Reports (SARs). If you have any questions about this new guidance please contact our FedRAMP experts at A-LIGN today.

In Case You Missed it

SOC-it-to-Me Summit for Cloud-Based Service Providers 
Are you a SaaS or cloud-based service provider thinking of getting a SOC report to assure customers that your platform and, more importantly, their data is protected?  Watch A-LIGN’s EMEA & Asia Pacific’s Director, Ty Brush, and Risk Crew’s Managing Director, Richard Hollis, discuss the quickest and most cost-effective route to the summit of your SOC 2 assessment.

Preparing your SMB for Ransomware and Cyberattacks 
Watch A-LIGN’s, Petar Besalev, EVP of Cybersecurity and Compliance, as he discusses current cybersecurity trends, the intricacies of ransomware, and how best to defend your SMB from catastrophe.  Learn what cybersecurity trends are impactful in the market today, why ransomware is on the rise and what to do about it, and practical approaches you can take to significantly mitigate cyberattacks.


A-SCEND Update of the Month

Powerful New Features Coming Soon to A-SCEND for Security Automation
Mike Herdegen, A-SCEND’s Chief Technology Officer, discusses the investments we are making in A-SCEND, our end-to-end compliance management platform, and how these developments will provide clients with additional capabilities and services.  Don’t miss this post- Mike reveals A-SCEND’s product roadmap, giving you a sneak peak of what’s coming!
Learn More


A-LIGN Team Spotlight

Meet Michael Broyles 
Senior Consultant, SOC Practice

“Everything we do at A-LIGN is primarily motivated by two things: customer and employee happiness. We are constantly motivated to do better, which has driven many of the initiatives we have from the A-SCEND SaaS platform, to expanding our service offerings to meet our clients’ needs. The drive behind the development of these initiatives is indicative of A-LIGN’s commitment to our clients.”

Learn More