Rethinking the Role of Compliance

OMB M-21-31: Why It Matters, and How It Affects You

Hosted by Qmulos. Date: Thursday, December 9th, 2021. Time: 3PM ET (12 PM PT). Recently issued OMB Memorandum M-21-31 is challenging Federal enterprises to achieve and demonstrate compliance with its security logging, log retention, log management, and centralized […]

ICS 500-27 Product Brief

The Intelligence Community Standard (ICS) 500-27 is considered the gold standard for enterprise audits at federal agencies and critical infrastructure sector companies. That is to say, the intelligence community requires identifying potential events of concern as a component of internal and external threat programs. You should too. The Office of the Director of National Intelligence […]

PCI DSS Product Brief

The Payment Card Industry Data Security Standard (PCI DSS) was put in place to protect cardholder data. The PCI Council was established by American Express, Discover, JCB International, MasterCard and Visa. As merchants for payment card transactions, banks need to use standard security procedures and technologies to protect cardholder data. According to the PCI Security […]

RMF 6-Part Product Brief

A data-driven approach to RMF uses data automatically collected from your IT environment to streamline, automate, and inform decision-making to manage the cybersecurity risks of developing and operating your information systems. Traditional approaches focus on documenting and reviewing implementation statements along with static snapshots of technical evidence to assess if security controls are correctly implemented […]

SOX Product Brief

The Sarbanes-Oxley Act of 2002, often called SOX, typically brings financial accounting standards to mind, along with a few controversial company names—think Enron, Tyco, WorldCom, etc. The common theme between these companies is irreparable damage to reputations as a result of scandalous financial governance, accountability practices, and a lack of information security standards. The SOX […]

HIPAA Product Brief

The Health Insurance Portability and Accountability Act (HIPAA) went into effect as part of the Social Security Act of 1996 in order to protect health care coverage for individuals who have lost or changed their jobs, and to ensure security of electronic transfers of electronic protected health information (ePHI). Hospitals, private practices, dental offices, clinics, […]

FedRAMP Product Brief

The Federal Risk and Authorization Management Program, or FedRAMP, applies to any cloud service or solution provider aiming to work with the U.S. federal government. In 2011, the National Institute of Standards and Technology (NIST), the General Services Administration (GSA), the Department of Defense (DOD), the Department of Homeland Security (DHS) and other government agencies […]

CDM Product Brief

Continuous Diagnostics and Mitigation, fondly referred to as CDM, is a familiar term for federal agency security teams and leadership. The original intent of the CDM Program was to help federal agencies improve their security posture, providing technical capabilities to minimize cybersecurity risk. In practice, however, the focus has shifted more towards simply collecting and […]
