SOC2, CISO, vCISO, Security Program, Privacy

Using Cyber Security to Enable Sales

Information security and privacy programs are generally about managing risk, but they can also impact your sales team by either slowing down or ...

Read More

Security Program, Risk Assessment

Diminishing Returns in Cybersecurity

If you have ever taken a course in economics, then you should know a thing or two about the law of diminishing returns. It may very well be the ...

Read More

CIS Controls, Security Program

CIS V7: What's New and What to do

The CIS controls are a body of best practice for information security, curated by the Center for Internet Security, regarding how organizations ...

Read More

Penetration Testing, Security Program, Risk Assessment

The Marriott Hack: A Cautionary Tale for Corporate Acquisitions

The case of the Marriott hack is, at once, an alarming prospect for the chain’s previous guests and an invaluable case study for any ...

Read More

PCI DSS, Security Program

I never touch Cardholder Data. So PCI DSS does not apply to me - Right?

Payment cards have been around a long time, and nefarious schemes to take advantage of them have been around almost as long. Since most people ...

Read More

Penetration Testing, CIS Controls, Security Program, Risk Assessment

Coronavirus Cybersecurity Recommendations

In these difficult times, as many of us adapt to the disruptive new-normal of distance working, a robust information security program becomes ...

Read More

CISO, Security Program

Social Engineering in the Retail Industry

The retail industry is one of the most crucial pillars propping up the United States’ economy. Without it, approximately 42 million Americans—a ...

Read More

Security Program

WPA3 for WiFi is here! Almost.

Choosing the correct form of encryption will always be a game with moving goalposts. Encryption algorithms and associated transport protocols ...

Read More

PCI DSS, SOC2, vCISO, HIPAA, CIS Controls, Security Program

How much of your Information Security function can you safely outsource?

Outsourcing is now very common among technology companies. Sometimes a whole function is delegated externally such as accounting, HR, marketing. ...

Read More

PCI DSS, SOC2, CISO, vCISO, HIPAA, CIS Controls, Security Program

7 Advantages of using a "virtual CISO" (vCISO)

A growing trend in the world of Cyber Security is companies outsourcing of some or all of their Information Security teams. This can be just a ...

Read More