PCI DSS, CIS Controls, Security Program, Privacy, ISO27001

Cybersecurity Maturity - One Size Does Not Fit All – Rick Folkerts

It's common knowledge that enterprise organizations need effective security, privacy and compliance programs to survive and grow. There are a handful of generic best practices but beyond that, cybersecurity programs must be tailored to the individual organization. In this

Read More

Privacy

How do Health Care Technology Organizations Manage Data Privacy Risks?

What's new with State Privacy Laws? There are now ten comprehensive privacy laws enacted in the United States. The new 2023 laws include those in Montana, Indiana, Iowa, Tennessee, and Texas. These laws join existing laws, including California,

Read More

Privacy

Tennessee's New Privacy "Shield": 3 Tips for Approaching the NIST Privacy Framework by Jerrod Montoya

What's new with State Privacy Laws? There are now ten comprehensive privacy laws enacted in the United States. The new 2023 laws include those in Montana, Indiana, Iowa, Tennessee, and Texas. These laws join existing laws, including California,

Read More

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

The vCISO’s Guide to Managing Risk in Your Environment

Cybersecurity and privacy risks remain among the top threats facing business organizations today. Increasingly, boards are leaning on the CISO role to guide investments in cybersecurity and privacy programs, emphasizing the importance of risk

Read More

Security Program, Privacy

What is a Security Risk Assessment?

"I think this is a colossal failure in asset-liability risk management,"-Mark T. Williams, a former bank examiner for the Federal Reserve, referring to actions that led to Silicon ValleyBank's seizure by federal regulators.*

Read More

SOC2, Penetration Testing, Security Program, Privacy

How HealthTech Startups use Security as a Competitive Advantage

HealthTech is among the most well-funded and rapidly growing industries. However, the medical sector is one of the most challenging areas for launching a startup. Laws, regulations, high security & privacy standards, and the complexity of

Read More

SOC2, Penetration Testing, Security Program, Privacy

The FTC Safeguards Rule – What it Means to Your Business

When it comes to cybersecurity, privacy & compliance, the road forward is often unclear. The recently amendedFTC Safeguards Rule (Title 16 Chapter 1 Subchapter C Part 314, 'Standards for Safeguarding Customer Information') went into effect

Read More

Security Program, Privacy

CEO News: Getting the Best Value for Your Security Risk Assessment

When it comes to cybersecurity, privacy & compliance, the road forward is often unclear. A proper risk assessment is a fundamental start to moving forward with improving your information security posture. Here are some considerations to help you

Read More

PCI DSS, SOC2, CIS Controls, Security Program, Privacy

2023 Security & Privacy Compliance Trends

Many Organizations are Finding Value in Continuous Compliance In 2023, many organizations are considering cybersecurity and privacy as business accelerators. That means compliance with security and privacy regulations and programs is more prominent

Read More

Penetration Testing, Security Program, Risk Assessment, Privacy, Threat Intelligence

Cuba Ransomware Attacks Five Critical Sectors in the US

Nowadays, the perpetrators of ransomware have gotten more clever in their methods, using complex strategies such as double extortion, in which they not only encrypt the victim's files but also threaten to reveal vital data if the ransom is not paid.

Read More