Resources By Richard Mendoza
Richard is a Senior Virtual Chief Information Security Officer with CompassMSP. He has over twenty-five years of experience as an Information Security professional with hands-on experience in engineering process and info...
The NYDFS Part 500 Ransomware Update: What Every Covered Entity Needs to Know
Understand the critical updates to NYDFS Part 500 and prepare for compliance by the April 2026 deadline to avoid penalties.
The End of Optionality: Why Florida’s New Cybersecurity Mandates Are the Warning Shot for Law Firms Nationwide
Discover the urgent need for law firms to adopt new cybersecurity standards to protect client data and ensure compliance with evolving regulations. Based on regulatory updates in F...
NIST Cybersecurity Framework
Get a clear, practical breakdown of the NIST Cybersecurity Framework. Learn how to identify risks, strengthen security, and build resilience with a simple plan.
.gif)
The Top 5 Managed IT Providers for Small and Mid-Sized Legal Companies in 2026
Discover the top 5 managed IT providers for small and mid-sized law firms in 2026, focusing on integrated cybersecurity and compliance solutions.
CMMC Compliance in 2025: The Strategic Roadmap for Defense Contractors
Navigating CMMC compliance is crucial for defense contractors in 2025. Learn how to meet new standards and turn regulatory challenges into competitive advantages. The blog discusse...
AI-Generated Deepfakes Are Here: Why Your Business Governance Must Adapt
Combat AI-driven deepfake threats with resilience and robust governance. Learn how to protect your business from sophisticated cyberattacks targeting trust and financial control.
Webinar | Every Laptop is a Front Door: How to Secure Your Remote Teams
Secure your remote teams against cyber threats. Join our webinar to learn practical strategies for protecting your business and addressing the unique challenges of remote work.
Shut The Front Door: 7 Ways to Strengthen Your Remote Work Security
Discover practical tips to safeguard distributed workforces from cyber threats, focusing on aspects like multi-factor authentication, secure networks, employee training, and modern...
Stop Guessing, Start Strategizing: A Leader's Guide to the NIST Identify feature
This guide will walk you through what a real risk assessment is from a vCISO's perspective. This process is the formal starting point of any mature security program and the foundat...
The NIST Cybersecurity Framework 2.0: A Business Leader's Playbook for Cyber Resilience
Discover how the NIST Cybersecurity Framework 2.0 can help business leaders improve cyber resilience and manage risk effectively. Learn to implement it without a full-time CISO.
The NIST "Recover" Function: The Difference Between Disaster Recovery and Business Continuity
Understanding the NIST Recover Function: Why Disaster Recovery and Business Continuity are both crucial for minimizing downtime and maintaining operations during a cyber incident.
NIST CSF 2.0 vs. 1.1: What the New Govern Function Means for Your Business
Discover the new Govern function in NIST's Cybersecurity Framework and how it helps small businesses enhance their cybersecurity governance and resilience.
Chaos vs. Control: Your Guide to the NIST "Respond" Function & Incident Response Planning
Learn how a strategic Incident Response Plan (IRP) can save you $1.49 million and prevent chaos during a cybersecurity breach. Discover key aspects of the NIST Respond function.