SOC2, HIPAA, CIS Controls, Security Program

3 ways to Approach System Hardening

Out of the box, most operating systems are configured insecurely. OS hardening minimizes an operating system's exposure to threats by properly configuring security settings and removing unnecessary applications and services. The Center for Internet Security (CIS) Benchmarks


HIPAA, Privacy, CCPA, GDPR

CPRA - Update June 2022

The California Privacy Protection Agency Board held a public meeting on June 8 in Oakland, CA to further the CPRA rulemaking process. The agenda included clarifying section 4, Incompatible Activities Statement, and discussing proposed actions to


SOC2, HIPAA, CIS Controls, Security Program

18 CIS Controls - an Effective Framework for Security

You can achieve information security by complying with an adequate set of security policies, standards, and procedures. Of course, there is no such thing as 100% secure, but if you comply with an appropriate set of security policies, standards, and


PCI DSS, SOC2, vCISO, Penetration Testing, HIPAA, CIS Controls, Security Program, Risk Assessment, Privacy, CCPA, ISO27001

Why API Pen Tests Should go First

In today's interconnected world, application programming interfaces (APIs) have rapidly become predominant tools for sharing data and providing multiple services within a single application. APIs link ecosystems of technology and are an engine of


HIPAA, Privacy, CCPA, GDPR

CPRA - Update on Stakeholder Sessions May 4-6, 2022

The California Privacy Rights Act (CPRA) evolution continues with lively public debate in May, where much of the focus is on data collection and automated decision-making. In addition, the California Privacy Protection Agency (CPPA) held


HIPAA, Privacy, CCPA, GDPR

CPRA Update May 2022

The California Privacy Protection Agency (CPPA) is holding pre-rulemaking stakeholder sessions via Zoom this week, Wed May 4–6. The sessions are open to the public, and you can find full details on the CPPA website. Please read on for an overview of


HIPAA, Privacy, CCPA, GDPR

CPPA Reduces the CPRA Implementation Window for New Privacy Laws

During a public board meeting on February 17, 2022, the California Privacy Protection Agency (CPPA) indicated it would likely miss the July 1, 2022 deadline for the finalized draft of the CPRA. The delay is due to more time and resources required to


HIPAA, Privacy, CCPA, GDPR

Data Privacy Tools in 2022

Three Types of Data Privacy Tools for 2022

Organizations are under extreme pressure to mitigate emerging risks and keep pace with changing regulatory requirements. The frantic pace of new privacy laws layered onto the increasing complexity of modern


HIPAA, Privacy, CCPA, GDPR

EU Privacy - New GDPR Data Transfer Tools

New EU data privacy laws impact companies in 2022. In June 2021, the European Commission adopted a new set of standard contractual clauses (SCCs) for the transfer of personal data outside of EU countries such as the United States. Businesses have


HIPAA, Privacy, CCPA, GDPR

Data Privacy - Dates to Watch for in 2022

Data Privacy - Dates to Watch for in 2022-23

Information privacy is the right of consumers to have some control over how their personal information is collected and used. For businesses, it means the risk of litigation and monetary penalties is
