IT and Business Insights for SMB Solution Providers

Mike Semel

Compliance for Profit
November 5th, 2021 | Mike Semel | Compliance for Profit
As predicted, on November 4, the United States Department of Defense (DoD) announced major changes to the Cybersecurity Maturity Model Certification (CMMC) program for defense contractors. CMMC Model 2.0 is a more streamlined cybersecurity requirement and is designed to lower costs for smaller - Read More
 
August 5th, 2021 | Mike Semel | Compliance for Profit
The planned Cybersecurity Maturity Model Certification (CMMC) requirements for defense contractors are encountering significant delays, higher costs, and resistance. While these may just be growing pains, there are also alleged improprieties involving Department of Defense (DoD) and CMMC - Read More
 
March 31st, 2021 | Mike Semel | Compliance for Profit
The Cybersecurity Maturity Model Certification (CMMC) is the new cybersecurity framework for defense contractors that is being rolled out over five years. In the meantime, the Department of Defense (DoD) announced an interim rule requiring defense contractors to self-assess their implementation of - Read More
 
February 22nd, 2021 | Mike Semel | Compliance for Profit
The federal government is handing MSPs big opportunities to make money with regulated clients. A new HIPAA law rewards healthcare providers, and the business associates they work with, if they implement the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF). A new - Read More
 
December 22nd, 2020 | Mike Semel | Compliance for Profit
You may have heard me speak or write about the risk of businesses using phony HIPAA compliance seals in their marketing. My warnings were based on a conversation I had with a Federal Trade Commission (FTC) attorney when we were both speaking at the National HIPAA Summit. She told me if a company - Read More
 
November 12th, 2020 | Mike Semel | Compliance for Profit
During an executive client briefing, I showed the CEO his organization’s written cybersecurity policy, which stated that all data must be stored on servers and was prohibited from being stored on local computers. Then I showed him their written policy that all data protected by regulations must be - Read More