CISO, vCISO, Security Program, Privacy

Virtual Chief Privacy Officer – Outsource Your Privacy Program

The fact that each state in the U.S. seems to have specific privacy laws with no central comprehensive federal law makes it difficult to know what privacy regulations apply to your organization. Therefore, navigating the privacy legal waters requires extensive experience,

Read More

HIPAA, Privacy, CCPA, GDPR

CPRA - Update June 2022

The California Privacy Protection Agency Board held a public meeting on June 8 in Oakland, CA to further the CPRA rulemaking process. The agenda included clarifying section 4, Incompatible Activities Statement, and discussing proposed actions to

Read More

Privacy, CCPA

Biometric Privacy in the Workplace – What You Need to Know

The complex legal landscape surrounding privacy, including biometrics, continues to evolve at the state level. Arduous legislation has led to lengthy privacy policies across the internet. Based on a study conducted by former chief technologist for

Read More

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

Why You Should Hire a Virtual Data Protection Officer (vDPO) Now

The Data Protection Officer (DPO) is a role required by the EU General Data Protection Regulation (GDPR). If your organization is subject to GDPR and meets the large-scale data handling factors, you need a DPO. What can you do if you don't have an

Read More

PCI DSS, SOC2, vCISO, Penetration Testing, HIPAA, CIS Controls, Security Program, Risk Assessment, Privacy, CCPA, ISO27001

Why API Pen Tests Should go First

In today's interconnected world, application programming interfaces (APIs) have rapidly become predominant tools for sharing data and providing multiple services within a single application. APIs link ecosystems of technology and are an engine of

Read More

HIPAA, Privacy, CCPA, GDPR

CPRA - Update on Stakeholder Sessions May 4-6, 2022

The California Privacy Rights Act (CPRA) evolution continues with lively public debate in May, where much of the focus is on data collection and automated decision-making. In addition, the California Privacy Protection Agency (CPPA) held

Read More

HIPAA, Privacy, CCPA, GDPR

CPRA Update May 2022

The California Privacy Protection Agency (CPPA) is holding pre-rulemaking stakeholder sessions via Zoom this week, Wed May 4–6. The sessions are open to the public, and you can find full details on the CPPA website. Please read on for an overview of

Read More

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

The Seven Essential Qualities of a vCISO

Not every business can internally support the staffing and resources necessary to independently develop robust cybersecurity and privacy programs. Fortunately, you can partially or fully outsource to trusted partners the jobs of CISO and IT security

Read More

HIPAA, Privacy, CCPA, GDPR

CPPA Reduces the CPRA Implementation Window for New Privacy Laws

During a public board meeting on February 17, 2022, the California Privacy Protection Agency (CPPA) indicated it would likely miss the July 1, 2022 deadline for the finalized draft of the CPRA. The delay is due to more time and resources required to

Read More

Security Program, Privacy

The Seven Regions of Privacy, Cybersecurity & Compliance

Privacy, cybersecurity, and compliance are distinct practices with distinct goals. In best-case scenarios, the three disciplines work together to build trust and confidence in your data management system.

Read More