Skip to the main content.

Modernize & Transform

Built to help you reimagine IT operations, empower your workforce, and leverage AI-powered tools to stay ahead of the curve.

Untitled design (3)

Empower My Team

We bring together the best of Microsoft’s cloud ecosystem and productivity tools to help your people thrive.

Untitled design (3)

Build My Infrastructure

We offer a comprehensive suite of infrastructure services tailored to support your business goals today and scale for the future

Untitled design (3)

IT Services

Our managed and co-managed IT service plans deliver a responsive and innovative engagement to support your IT needs, improve employee experience, and drive growth for your business. 

Untitled design (3)

Cybersecurity Services

Sourcepass offers innovative solutions, including SOC, GRC, Security Assessments, and more to protect your business.

Untitled design (3)

Professional Services

Grow your business with cloud migrations, infrastructure refreshes, M&A integrations, staff augmentation, technical assessments, and more.

Untitled design (3)

Resource Library

Stay ahead, stay connected, and discover the future of IT with Sourcepass.

Untitled design (3)

Events & Webinars

Dive into a dynamic calendar of webinars and in-person gatherings designed to illuminate the latest in managed IT services, cybersecurity, and automation.

Untitled design (3)

 

The Sourcepass Story

Sourcepass aims to be different. It is owned and operated by technology, security, and managed services experts who are passionate about delivering an IT experience that clients love.

Untitled design (3)

The Sourcepass Experience

At Sourcepass, we’re rewriting the IT and cybersecurity experience by helping businesses focus on what they do best, while we deliver the infrastructure, insights, and innovation to help them thrive.

Untitled design (3)

 

The NIST CSF Version 2.0 is Coming in 2024

 
The NIST CSF Version 2.0 is Coming in 2024

The NIST Cybersecurity Framework (NIST CSF) is a freely available, widely applicable set of recommendations and guidelines created by the National Institute of Standards and Technology to assist organizations in securing themselves from threats to their information security. Originally published in 2014, the framework has received numerous updates, and in early 2024, the official second version of the framework, version 2.0, will be released.  

Currently, the NIST CSF covers five core functions of any mature cybersecurity program:  

  •  Identify – Fully understand and document the organization and its assets, people, processes, objectives, etc.  
  •  Protect – Implement controls to protect everything documented in the Identify step.  
  •  Detect – Implement systems for detecting threats to everything documented in the Identify step.  
  •  Respond – Implement policies, procedures, plans, and guidelines for responding to detected threats.  
  •  Recover – Implement policies, procedures, plans, and guidelines for recovering from detected threats.  

The core purpose of the five functions is to accurately inventory the organization and implement ways to protect its systems from threats, with each system being protected according to its relative criticality to the organization.  

A New Function: Govern

With the upcoming release of the NIST CSF version 2.0, a new function is being added to the framework: Govern. The Govern function will require organizations to perform increased due diligence, risk management, role delegation, and more.

Organizations will need to develop teams and procedures for determining the risk of third-party partners, suppliers, vendors, etc., and these risk assessment efforts must be formally documented. Risk management must be prioritized according to how critical the relationship with each third-party is determined to be.  

Sourcepass is Here to Assist

Third-party governance can be a time consuming and complex task, particularly in larger organizations. As part of our compliance and risk management services, Sourcepass can act as a liaison between your organization and your third parties. We will assist you in documenting your third-party relationships, assign a criticality ranking to them, and reach out to them on your behalf to perform due diligence reviews, all of which is formally documented and tracked in a private portal which you can access at any time.  

James Reichle is the Sourcepass Senior Cyber Risk Advisor. Reach out to James at (877) 678-8080.