LevelBlue Blog

Evolving Regulatory Requirements Governments across the globe have introduced new legislation to address the escalating risks of cybersecurity threats. In 2021, the United States issued executive order 14028, requiring government agencies to develop a plan for implementing a zero-trust security strategy. This included rolling out multi-factor authentication (MFA), data encryption, and ensuring employees have secure access to the data and applications they… Read more →

The content of this post is solely the responsibility of the author.  LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Maintaining Cybersecurity compliance is an arduous task, fraught with challenges. It's costly and time-consuming, and often, the complexity of regulations outpaces an organization's ability… Read more →

The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of that determination. The disclosure should describe the material aspects of the incident, including the nature of the incident, the impact… Read more →

The content of this post is solely the responsibility of the author.  LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Cyberattacks have become increasingly common, with organizations of all types and sizes being targeted. The consequences of a successful cyberattack can be devastating. As a result,… Read more →

This is the fifth blog in the series focused on PCI DSS, written by an LevelBlue consultant. See the first blog relating to IAM and PCI DSS here. See the second blog on PCI DSS reporting details to ensure when contracting quarterly CDE tests here. The third blog on network and data flow diagrams for PCI DSS compliance… Read more →