Celebrating Black History Month: Reflections as the Chair of Coalfire's Black Employee Resource Group

As we embark on another February, I am honored to reflect on the significance of Black History Month from the perspective of serving as the chair of Black Employees in Cybersecurity Obtaining Mentorship, Influence, Networking, and Growth B.E.C.O.M.I.N.G., Coalfire's Black Employee Resource Group...

Mastering AI Risks: Navigating the NIST AI RMF Core with Coalfire

This article delves into mastering AI risks through the application of the NIST AI Risk Management Framework RMF Core. It emphasizes the importance of understanding and mitigating the multifaceted risks associated with AI, from ethical dilemmas to data security, and introduces Coalfires tailored...

Navigating the AI security landscape: The federal push for responsible AI adoption

This blog post discusses the U.S. government's commitment to responsible AI through the Executive Order and proposed legislation, outlines key provisions for AI risk management, highlights efforts to strengthen federal AI governance, and emphasizes Coalfire's role in promoting responsible AI...

Navigating the AI security landscape: From executive orders to cyber resilience

Explore the implications of the US Executive Order, discover the challenges and solutions in AI development, and learn how Coalfire's tailored approach ensures robust AI risk management...

Guardians of IoT: Strengthening the security of IoT-connected medical devices in the healthcare industry

The healthcare ecosystem requires stakeholders to have a comprehensive grasp of the industry-specific vulnerabilities, especially in its emerging technology. Coalfire examines key healthcare-specific IoT vulnerabilities, helping healthcare IoT manufacturers and medical facility administrations kn...

Hexeon unleashed: human-centric offensive security amplified by technology

Part 3 in a blog series spotlighting Coalfire's 5th Annual Penetration Risk Report...

Breaking down barriers: Redefining the FedRAMP® journey for cloud service providers

Since the passing of the FedRAMP Authorization Act last December, inquiries about navigating FedRAMP's complex landscape have surged. Recognizing this, Coalfire is pioneering a new pathway to streamline the FedRAMP authorization process, making it more accessible for cloud service providers...

Cracking the code to compliance management

Based on recent research and findings from Coalfires 2023 Compliance Report, the second blog in this series outlines compliance program management and performance priorities for CISOs and compliance leaders...

Penetration testing: shifting paradigms from reactive to proactive

Part 2 in a blog series spotlighting Coalfires 5th Annual Penetration Risk Report...

Behind the eight-ball: Why companies struggle with penetration risk

An introduction to a new blog series spotlighting Coalfires upcoming 5th Annual Penetration Risk report...

How the CISO drives value across the enterprise

Coalfire's Securealities 2023 State of CISO Influence report shows that CISOs have a growing responsibility to report to the board/c-suite. During budget planning, CISOs can drive value and secure budget allocations by demonstrating Return on Security Investment ROSI...

The state of cybersecurity compliance in 2023 – part 1

This first blog in the series captures the key takeaways from Coalfires Annual Compliance Report...

Celebrating Asian American and Pacific Islander (AAPI) Heritage Month

Coalfire employees share what Asian American and Pacific Islander AAPI Heritage Month means to them...

Everything you need to know about HITRUST v11

HITRUST v11 is finally here. In this blog post, Coalfire HITRUST experts provide guidance to address the key details surrounding the transition timelines and what organizations can expect with the latest version...

FAQ: Transitioning to the highly anticipated new revision of ISO 27001

For a group like Coalfire Certification that lives and breathes these standards daily, it has been an exciting few months monitoring the progress of this publication and its review through the various ISO working groups...

End the compliance management blues

Coalfire teamed up with one of the worlds leading security technology engineering firms, anecdotes, to expand Compliance Essentials capabilities - automating compliance workflows and risks, evidence collection, and audit execution. All within one platform...

Threat and vulnerability management - No time for complacency

There was some very good news in Coalfires 4th Annual Penetration Risk Report. Most notable was that high-risk vulnerabilities have been cut almost in half since 2018 when we first began reporting our pen testing research derived from thousands of direct client engagements. Also of note, the larg...

FAQ: Transitioning to the highly anticipated new revision of ISO 27001

For a group like Coalfire Certification that lives and breathes these standards daily, it has been an exciting few months monitoring the progress of this publication and its review through the various ISO working groups...

Spotlight: Women of Coalfire part 3

In this spotlight series, we are recognizing some of the women at Coalfire who have shattered glass ceilings and forged their own paths despite the obstacles they faced. Karen Laughton and Michi Everett are two of these women. Karen was the first female to hold an executive position in delivery a...

Spotlight: Women of Coalfire part 1

There is no area of society in which women are free of obstacles to their success due to their gender. I am all too familiar with inequity impacting women - including in the military - where I fought to correct the injustices that affected servicewomen. In the past, servicewomen who became pregna...