Two years ago, The International Organization for Standardization (ISO) published a long-awaited update to their primary cybersecurity framework, ISO 27001. The previous version, ISO 27001:2013, was nearly a decade old and in need of a refresh. The new version, ISO 27001:2022, is currently the version in effect. As part of the roll-out of ISO 27001:2022, companies were given instructions on how to transition to the new version from the 2013 version.

ISO 27001 is one of the most important security frameworks in the world. Any business that wants to operate internationally, especially if they have contracts with certified brands or international governments, or they want to open the door to those contracts, will need to achieve ISO 27001 certification. There’s just one problem: it can take a long time to achieve. How long?

Achieving ISO 27001 compliance and certification will open countless doors with governmental, industrial, and other business relationships. As an internationally-recognized and trusted security framework, it’s taken quite seriously. That means you have to put your all into achieving certification if you hope to pass the auditing process. At Ignyte, we can help.

NISPOM is an increasingly important part of the regulations surrounding work as a government contractor and is especially critical if you handle classified information. It’s also a lengthy and detailed part of the Federal Register and is complex enough that it often takes a specialist to know what’s important and what’s required. So, let’s talk about it.

As of now, the final rule for the Cybersecurity Maturity Model Certification has been published. The clock is ticking for organizations to make the changes they need to make, adhere to the multi-phase schedule required to achieve certification, and continue their work with the federal government across the board. As organizations, both large and small, start to dig into this work, it becomes increasingly clear that certain individuals and roles are critical to have on hand.