News

Building your own security monitoring system can feel like a smart, cost-effective move. With open-source tools, cloud platforms, and endless tutorials, a DIY approach promises control and savings. But in practice, most businesses quickly discover a hard truth: Monitoring isn’t the hard part—doing it well, consistently, and at scale is. That’s where a Managed Security Service Provider (MSSP) with a ...

While your business may not need to comply with a federal regulation, healthcare requirements, or an international standard, it most likely will need to comply with its insurance policy. As threat actor activity increases and breaches increase in size and cost, most insurance companies are not only raising their costs, but also checking your work. The insurance industry has been ...

Cybersecurity and Privacy Expertise and Community Support at RMISC 2026. At AmericanCSM.com (https://www.americancsm.com/), we are thrilled to announce our continued support and sponsorship for the Rocky Mountain Information Security Conference (RMISC) 2026. This prestigious 3-day event is set to take place at the Colorado Convention Center from June 23-25, 2026, and represents a vital meeting ground for cybersecurity, compliance, and ...

Happy Data Privacy Day! January 28th is celebrated as Data Privacy Day, since 2008. It is a good time to reflect on the Principles of GDPR, which have now become the core privacy principles all businesses should follow for Data Privacy:

• Lawfulness, fairness, and transparency: Personal data must be processed in a lawful, fair, and transparent manner. 
• Purpose limitation: ...
  
  Read More

Are your critical assets under management, under protection, or even monitored? The need for business environments to establish and maintain a currency around their security posture has never been greater. As criminal activities increase and the advances in technology increase by the threat actors, today’s businesses need to stay in front of these threats through proactive security monitoring methods and ...

Happy Cyber Resilience Awareness Day! Did you know that one of the first computer viruses was created in 1971? It was called Creeper, and while it was a harmless experiment, it proved the concept of a self-replicating computer program. And then, the creator made —yep, you guessed it —the first antivirus program, called Reaper, designed to find and remove the ...

Now that you have decided to use an MSP/MSSP, more detailed thoughts can be put towards “dialing-in” your specific MSP/MSSP services. We have found an easy way to break down this vast area of services is to think about a pancake layer of Infrastructure, IT, Security, Strategy and then Compliance. At ACSM we call this a Secure Information Technology Environment ...

Are you ready for the new audits and assessments that the California Privacy Protection Agency (“CPPA”) require? In July 2025, the CPPA updated the California Consumer Privacy Act (CCPA”) to require businesses to perform Risk Assessments and Cybersecurity Audits. The Risk Assessments apply to businesses that are selling or sharing information, using automated decision-making technology (“ADMT”) to make significant decisions ...

Why use an MSP or MSSP? Outsourcing your IT and Security functions can be intimidating the first time. Most folks are fearful of losing control or unsure how to manage the transition. At AmericanCSM.com we help our clients in this transition, so that maximum operational gains and lowest financial impact can be realized. Below are some benefits and considerations for ...

Outsourcing your IT and Security functions can be intimidating the first time. Most folks are fearful of losing control or unsure how to manage the transition. At AmericanCSM.com we help our clients in this transition, so that maximum operational gains and lowest financial impact can be realized. Below are some benefits and considerations for choosing an MSP/MSSP. Immediate and Long-term ...