Leveraging NIST OSCAL to Provide Compliance Automation: The Complete Guide

Blog, framework

What is OSCAL? OSCAL provides a traceable and machine-readable data format for capturing and sharing security information. A standardized, continuous representation of an organization's security controls helps prove compliance with NIST's Risk Management Framework for mandated federal agencies. FedRAMP joined with NIST to create the Open Security Controls Assessment Language ...
Understanding the Florida Digital Bill of Rights

Blog, framework

Florida Senate Bill 262 has passed in the Republican-led Florida legislature. The Florida Privacy Act attempts to give consumers the right to opt out of sharing their data for targeted online ads, data that is often collected and sold by companies to advertisers. Mass surveillance and overreach by huge online tech ...
Ensuring Business Resilience: Integrating Incident Response and Disaster Recovery Plans

Blog, Topic

In a world marked by the tumultuous waves of the Russia-Ukraine conflict, escalating tensions in the Middle East, disruptions in the Red Sea region, and pivotal elections in many countries, the operational landscape for businesses is increasingly volatile. Geopolitical events wield substantial influence over global business operations. As the global ...
Understanding the Key Updates in NIST Cybersecurity Framework 2.0

Blog, framework

When the National Institute of Standards and Technology (NIST) released the inaugural Cybersecurity Framework in February 2014, it did not include a batch of questions that were almost certainly on the authors' minds but not in the framework. The answer came quicker and different than they expected: the ...
The 5 C's of Audit Reporting

Blog, Topic

What is a Security Audit? At its core, an audit systematically examines an organization's processes, controls, and practices. In cybersecurity, audit management involves assessing the effectiveness of security measures, identifying vulnerabilities, and ensuring compliance with industry standards and regulations.

Why are Audits Important? Risk Identification and Mitigation: audits uncover potential ...
Cloud Compliance Frameworks: Ensuring Data Security and Regulatory Adherence in the Digital Age

Blog, Topic

The Apollo 13 Odyssey and Cloud Security: Ensuring a Safe Return in the Digital Frontier

The Apollo 13 mission stands out as a testament to human resilience and the critical importance of meticulous planning. Launched in 1970 to land on the moon, Apollo 13 faced an unforeseen crisis: an oxygen tank ...
Generative AI Governance: Balancing Innovation and Ethical Responsibility

Blog

As artificial intelligence (AI) continues its march toward realization, the realm of "possible" expands with each passing day. Breakthroughs in machine learning, advanced computing, and cognitive reasoning are revolutionizing industries and reshaping how we envision the future of technology. Yet, amidst this wave of innovation, a pressing need emerges to ...
Overview of AI Regulations and Regulatory Proposals of 2023

Blog, Topic

"AI is too important not to regulate, and too important not to regulate well," asserts Google, capturing the sentiment resonating across the global tech landscape. Indeed, the regulation of Artificial Intelligence looms large on the horizon, and in many ways, it's already underway. Take the European Union's ambitious AI Act, for ...
Risk and Regulation: A Strategic Guide to Compliance Risk Assessment

Blog, Topic

Compliance Risk Assessments for a Dynamic Regulatory Terrain

Crafting an effective compliance program is no one-size-fits-all endeavor; it involves tailoring a comprehensive strategy that addresses your company's unique needs and confronts specific challenges head-on. In navigating the regulatory landscape, it's crucial to recognize the dynamic nature of regulatory bodies. Regulators ...
Understanding the ISO 27001 Statement of Applicability in Cybersecurity

Blog, Topic

Understanding ISO Standards

ISO standards are internationally recognized guidelines that ensure organizations meet specific quality, safety, and efficiency criteria in their products, services, or processes. These standards are designed to bring consistency to various industries and facilitate international trade. ISO covers many areas, from quality management (e.g., ISO 9001) to ...