SCF

• 23NYCRR500
• Acquisitions
• AI
• Allan Alford
• Analytics
• Artificial Intelligence
• Assessment
• assessor
• Assurance
• Audit
• auditor
• C-SCRM
• Capability Maturity Model
• CDPAS
• Certification
• CISO Series
• CMM
• CMMC
• Compliance
• ComplianceForge
• Control Objectives
• Controls
• cyber ab
• Cybersecurity
• cybersecurity assessments
• cybersecurity audit
• cybersecurity compliance
• Cybersecurity Control Scoping
• cybersecurity controls
• cybersecurity due diligence
• Cybersecurity Maturity
• data privacy controls
• David Spark
• Divestitures
• due care
• due diligence
• ESG
• evidence
• evidence request list
• Governance
• GRC
• Guidelines
• IP Services
• M&A
• M&A
• MA&D
• Maturity Model
• Mean Time To Detect
• Mean Time To Respond
• Mergers
• Mergers & Acquisitions
• Metaframework
• Metrics
• MTTD
• MTTR
• NIST
• NIST 800-171
• NIST Assessment
• NIST CSF
• NIST CSF 2.0
• NIST CSF Assessment
• NIST CSF Tier
• NIST Cybersecurity Framework
• NNPI
• NY DFS
• NY DFS 23NYCRR Part 500
• NYDFS
• People Processed Technology Data Facilities
• Policies
• PPT
• PPTD
• PPTDF
• Private Equity
• Procedures
• Project Cybersecurity Criteria
• Resilience
• Risk
• risk catalog
• Safe Harbor
• SB2610
• SCF
• SCF Architect
• SCF Assessor
• scf cap
• SCF Certification
• SCF ESG
• SCF Practitioner
• scf rpo
• SCF Training
• SCFConnect
• Scott Alldridge
• SCRM
• SDLC
• Secure Controls Framework
• Security
• Security & Privacy Capability Maturity Model
• SMART Metrics
• SOC 2
• SP-CMM
• Standards
• Supply Chain Risk Management
• Texas Cybersecurity Law
• Texas SB2610
• The Cyber AB
• Third Party Cybersecurity Controls
• Third-Party Risk Management
• threat catalo
• Tier
• TSC
• UK CAF
• Venture Capital
• Vigilant Systems
• VisibleOps Cybersecurity
• Cybersecurity Training & Awareness
• SCF Domain

Security & Privacy Capability Maturity Model (SP-CMM) Use Case #4 – Due Diligence In Mergers & Acquisitions (M&A)

SCF Council April 19th, 2023 4 minute read

cybersecurity assessments | cybersecurity audit | cybersecurity due diligence | due diligence | M&A | Mergers & Acquisitions | SCF

Security & Privacy Capability Maturity Model (SP-CMM) Use Case #3 – Provide Objective Criteria To Evaluate Third-Party Service Provider Security

SCF Council April 19th, 2023 4 minute read

C-SCRM | SCF | SCRM | Supply Chain Risk Management | Third Party Cybersecurity Controls | Third-Party Risk Management

Security & Privacy Capability Maturity Model (SP-CMM) Use Case #2 – Assist Project Teams To Appropriately Plan & Budget Secure Practices

SCF Council April 19th, 2023 3 minute read

Cybersecurity Maturity | Maturity Model | Project Cybersecurity Criteria | SCF | SDLC | SP-CMM

SCFConnect - SaaS approach to using the SCF

SCF Council March 2nd, 2023 1 minute read

GRC | SCF | scf cap | SCFConnect

Words Matter - Understanding Policies, Control Objectives, Standards, Guidelines & Procedures

SCF Council February 11th, 2023 5 minute read

Compliance | Control Objectives | Controls | Governance | GRC | Guidelines | Policies | Procedures | Risk | SCF | Secure Controls Framework | Standards

SCF Risk & Threat Catalog

SCF Council January 19th, 2023 13 minute read

risk catalog | SCF | Secure Controls Framework | threat catalo

Let's Talk About Evidence - Evidence Request List (ERL)

SCF Council November 2nd, 2022 1 minute read

assessor | auditor | due care | due diligence | evidence | evidence request list | SCF | scf cap | Secure Controls Framework

Cybersecurity & Privacy Implications For Environmental, Social & Governance (ESG)

SCF Council November 18th, 2021 3 minute read

ESG | SCF | SCF ESG | Secure Controls Framework

Defense In Depth Podcast - SCF

SCF Council February 23rd, 2021 1 minute read

Allan Alford | CISO Series | David Spark | SCF | Secure Controls Framework

« Back to Blog