Privacy information management system considerations for ISO 42001
Organizations that want to pursue ISO 42001 certification and have an existing ISO management system in place need to consider how to integrate an AI management system with their current management system to ensure common objectives and obligations are maintained. The following blog post explores how organizations can integrate an ... Read More

Celebrating Black History Month: Reflections as the Chair of Coalfire’s Black Employee Resource Group
As we embark on another February, I am honored to reflect on the significance of Black History Month from the perspective of serving as the chair of Black Employees in Cybersecurity Obtaining Mentorship, Influence, Networking, and Growth (B.E.C.O.M.I.N.G.), Coalfire's Black Employee Resource Group (ERG). This month holds a special place ... Read More
Guardians of IoT: Addressing IoT security vulnerabilities in electric vehicles and charging stations
The rise of electric vehicles (EVs) and charging infrastructure necessitates robust security measures, especially in the context of IoT integration. Explore the vulnerabilities in EV systems and potential risks, proposing mitigation strategies like firmware updates, user authentication, intrusion detection systems, and collaboration ... Read More
The dark side of AI data privacy: What you need to know to stay secure
This blog post examines the threats of data leakage, bias, and overcollection in AI systems, offering valuable insights and recommendations for effective risk mitigation ... Read More
Mastering AI Risks: Navigating the NIST AI RMF Core with Coalfire
This article delves into mastering AI risks through the application of the NIST AI Risk Management Framework (RMF) Core. It emphasizes the importance of understanding and mitigating the multifaceted risks associated with AI, from ethical dilemmas to data security, and introduces Coalfire’s tailored approach to integrating these principles in business ... Read More
Improving compliance management with mappings and automation
Based on the research in Coalfire’s 2023 Securealities Compliance Report, the third blog in this series examines one of the top concerns of CISOs and compliance program managers: realizing the value of a platform to simplify compliance ... Read More
Navigating the AI security landscape: The federal push for responsible AI adoption
This blog post discusses the U.S. government's commitment to responsible AI through the Executive Order and proposed legislation, outlines key provisions for AI risk management, highlights efforts to strengthen federal AI governance, and emphasizes Coalfire's role in promoting responsible AI practices with the introduction of an AI Risk Management Framework ... Read More
Guardians of IoT: Fortifying the financial sector in the age of IoT
The Internet of Things (IoT) has revolutionized the financial industry, but its associated security vulnerabilities and risks must be addressed to protect sensitive data ... Read More
Navigating the AI security landscape: From executive orders to cyber resilience
Explore the implications of the US Executive Order, discover the challenges and solutions in AI development, and learn how Coalfire's tailored approach ensures robust AI risk management ... Read More
Maximizing the value of threat modeling
Explore four practices that maximize the value of threat models throughout the entire development lifecycle ... Read More