• New Framework: NIST CSF 2.0
March 6th, 2024
ControlMap now supports NIST CSF 2.0. As the first major update to the framework since 2014, NIST CSF 2.0 takes cybersecurity compliance to the next level with the addition of the Govern core function. In addition, revisions to the framework have made it applicable to organizations of any size as well, supporting compliance programs of any maturity level.
• Breach Secure Now - Integration
March 18th, 2024
Within ControlMap, MSPs can now integrate with Breach Secure Now, a cybersecurity training platform. This allows MSPs to assess completed security training across their clients and map training status to compliance controls. See Integration with Breach Secure Now for more details.
• Duo Security - Integration
March 4th, 2024
With the Duo Security integration, ControlMap users gain the ability to seamlessly sync employee data from Duo Security directly into ControlMap. This includes essential security data such as MFA status, enabling MSPs to map the data to compliance controls. See Connecting to DUO for more details.
• New Framework: HIPAA Privacy Rule
March 18th, 2024
This framework provides federal standards to safeguard the privacy of personal health information and gives patients an array of rights concerning that information, including the right to examine and obtain a copy of their health records and to request corrections.
• New Framework: Breach Notification Rule
March 18th, 2024
HIPAA's Breach Notification Rule requires covered entities to notify patients when their unsecured protected health information (PHI) is impermissibly used or disclosed—or “breached”—in a way that compromises the privacy and security of the PHI. See Integration with Breach Secure Now for more details.
• Activity Logs
March 18th, 2024
Many cybersecurity frameworks, including NIST CSF 2.0 and CMMC 2.0, require tracking activities throughout the compliance journey. Now, within ControlMap, admins can view "Activity Logs", a list of tracked activities within the platform. This includes anything that is created (such as an asset), updated (such as a status update), imported (such as a framework), or deleted (such as a policy).