Security Program

Guidepost Solutions Acquires Significant Equity Interest in Cybersecurity Solutions Firm Truvantis, Inc.

Truvantis Forms Strategic Partnership to Address Expanding Cybersecurity Risks Guidepost Solutions LLC, a global leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting, announced that it has acquired a

Read More

SOC2

How Much Does It Cost to Get a SOC 2 Report?

Maybe you've been asked to provide a SOC 2 report as part of the sales cycle, or you anticipate you will need SOC 2 compliance at some point. You're wondering how much time and money you must budget to become SOC 2 compliant.  

Read More

CISO, vCISO, Security Program

Recovering from a Data Breach, a Twelve Step Program

According to the IBM Cost of a Data Breach Report 2021:  Average data breach costs rose 10% between 2020 and 2021, from $3.86 million to $4.24 million.  Lost business represented the largest share of breach costs, at an average total cost of

Read More

HIPAA, Privacy, CCPA, GDPR

CPPA Reduces the CPRA Implementation Window for New Privacy Laws

During a public board meeting on February 17, 2022, the California Privacy Protection Agency (CPPA) indicated it would likely miss the July 1, 2022 deadline for the finalized draft of the CPRA. The delay is due to more time and resources required to

Read More

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program

Four Compliance Standards that can Accelerate Your Sales Team

Businesses must comply with a mixture of international, industry-specific and state-mandated cybersecurity regulations and require their vendors to do so. For this reason, compliance with specific cybersecurity standards becomes another way to

Read More

Penetration Testing, Security Program

Pen Testing the Cloud and Hybrid Environments

Cloud technologies enable companies to build and run scalable applications in dynamic public, private, and hybrid environments. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify the elastic cloud

Read More

Penetration Testing, Security Program, Red Teaming

The Hackers Guide to API Penetration Testing

Pen testing has traditionally focused on realistic simulated attacks on your network, operating systems and applications. In today's interconnected world, application programming interfaces (APIs) have rapidly become predominant tools for providing

Read More

PCI DSS

PCI-DSS –SAD vs. CHD

When it comes to handling payment cardholder data, PCI DSS has many rules about what you must and must not do when it comes to handling payment data. But the most stringent requirements apply to sensitive authentication data (SAD). 

Read More

PCI DSS

PCI DSS Truncation Rules and Guidelines

The PCI Security Standards Council's redefined truncation rules are a mess.

Read More

PCI DSS

Five Ways to Reduce the Cost of PCI DSS Compliance

If your company stores, processes, or transmits cardholder data, you need PCI DSS compliance. According to the Verizon 2020 Payment Security Report, within the financial and insurance industries, 30% of breaches were caused by web application

Read More