Awareness

An abstract landscape of blue and red lights imposed on a flat surface, with an abstract red shield floating above it.

Preparing Personnel and Policy for CMMC

| | Awareness, CMMC, Continuum GRC, personnel and policy, policy controls
To meet CMMC requirements, organizations need a security strategy that integrates technology, people, and policies. It is important to know when to use IT solutions and when to involve HR and leadership ...
MichaelPeters.org

Navigating the Frontier of Shadow AI

| | AI, Awareness, CMMC, FedRAMP, GDPR, NIST, shadow IT
Employees across every department are experimenting with generative AI tools to write emails, analyze data, summarize documents, and debug code. According to IBM’s 2025 Cost of a Data Breach Report, one in ...
MichaelPeters.org
Hands holding a tablet, in front of which there is an abstract wheel with symbols related to digital technology and security.

Using Your MSP to FedRAMP Authorization Time Through Control Inheritance

| | audit and compliance, Awareness, FedRAMP, frameworks, MSP
A FedRAMP Moderate baseline, now classified as Class C under the updated FedRAMP 20x framework, requires documentation and validation of over 300 controls–not an insignificant number, regardless of the enterprise.  Modern IT, ...
MichaelPeters.org
Lazarus Alliance proactive cybersecurity, accreditation, and GovRAMP assessment services.

Using FedRAMP To Fast Track Your GovRAMP Market Entry

| | audit compliance, Awareness, FedRAMP, GovRamp, StateRAMP
The barrier between federal and state cloud procurement has effectively dissolved for authorized providers. With StateRAMP’s rebranding to GovRAMP and the FedRAMP RFC-0024 mandate for authorization packages, the opportunity to pursue a ...
MichaelPeters.org

Prompt injection: Can a fifth grader steal your data?

| | "M&A Due Diligence", Awareness, MA
Prompt injection lets attackers manipulate AI chatbots using plain English — no technical skills required. Learn how this overlooked vulnerability should reshape your tech acquisition due diligence checklist.The post Prompt injection: Can ...
Blog

Prompt injection: Can a fifth grader steal your data?

| | "M&A Due Diligence", Awareness, MA
Prompt injection lets attackers manipulate AI chatbots using plain English — no technical skills required. Learn how this overlooked vulnerability should reshape your tech acquisition due diligence checklist.The post Prompt injection: Can ...
Blog
FedRAMP image compact. Authorized 2025 cloud solutions.

Navigating FedRAMP’s Move to Certification Classes 

| | Awareness, FedRAMP, FedRAMP 20x, FedRAMP impact levels, frameworks
Anchored by the FedRAMP Authorization Act and OMB Memo M-24-15, FedRAMP is undergoing a major change that affects virtually every aspect of how cloud service providers pursue, achieve, and maintain federal authorization ...
MichaelPeters.org
orange glowing circuits on a blue motherboard with a magnifying glass laying on top of it all.

CIRCIA And The Future Of Federal Cyber Incident Reporting

| | Awareness, CIRCIA
For years, federal visibility into large-scale cyber incidents has depended on voluntary disclosure tied to regulations. The result has been delayed response coordination and inconsistent data quality. The Cyber Incident Reporting for ...
MichaelPeters.org
Hands typing on a laptop with digital symbols above them, primarily a glowing shield with a keyhole in it.

What is the Duty of Care in Cybersecurity?

| | Audit Machine, Awareness, data privacyt, duty of care
Data privacy and security are often framed as organizational requirements, and as such include discussions of ROI, staffing, compliance, and so on. However, the obligations enterprises and agencies face in protecting data ...
MichaelPeters.org
blue digital padlock on an abstract, transparent projection of a globe.

CMMC Waivers and the Potential for Strategic Certification

| | audit compliance, Awareness, CMMC, cmmc waivers
As the CMMC program evolves in 2026, following the solidification of the final rule and the timelines for required certification, the Cyber AB wrestles with the need to streamline adoption across contractors ...
MichaelPeters.org
Load more