SOC2, Penetration Testing, Security Program, Privacy

The FTC Safeguards Rule – What it Means to Your Business

When it comes to cybersecurity, privacy & compliance, the road forward is often unclear. The recently amendedFTC Safeguards Rule (Title 16 Chapter 1 Subchapter C Part 314, 'Standards for Safeguarding Customer Information') went into effect December 9, 2022.The amended rule

Read More

Security Program, Privacy

CEO News: Getting the Best Value for Your Security Risk Assessment

When it comes to cybersecurity, privacy & compliance, the road forward is often unclear. A proper risk assessment is a fundamental start to moving forward with improving your information security posture. Here are some considerations to help you

Read More

PCI DSS, SOC2, CIS Controls, Security Program, Privacy

2023 Security & Privacy Compliance Trends

Many Organizations are Finding Value in Continuous Compliance In 2023, many organizations are considering cybersecurity and privacy as business accelerators. That means compliance with security and privacy regulations and programs is more prominent

Read More

CIS Controls, Security Program

Surviving Password Manager Data Breach

How your defense-in-depth strategy protected you from the LastPass data breach Most of us like using password managers for the security and user convenience. Password managers gave us a way to adhere to ever more complex password rules without

Read More

Penetration Testing, Security Program, Risk Assessment, Privacy, Threat Intelligence

Cuba Ransomware Attacks Five Critical Sectors in the US

Nowadays, the perpetrators of ransomware have gotten more clever in their methods, using complex strategies such as double extortion, in which they not only encrypt the victim's files but also threaten to reveal vital data if the ransom is not paid.

Read More

SOC2, Security Program

SOC 2 Perils and Pitfalls

Congratulations, product development was successful, and you have the utmost confidence in the capabilities of your new product or service. Engineering has assured you that the necessary controls are in place for secure operation. Sales demos are

Read More

Security Program, Privacy

The Five-Step Adaptable Risk-based Privacy Program

In today's data-driven economy, an organization's data is its most valuable asset. The landscape of privacy regulations is vast and continuously evolving, forcing organizations to select and track applicable requirements for collecting and managing

Read More

Security Program, ISO27001

Scoping Your ISMS for ISO 27001 Compliance

The ISO 27001 standard provides requirements for establishing, implementing, maintaining and continually improving your Information Security Management System (ISMS) within the context of your organization. Your ISMS includes the people, processes

Read More

CISO, vCISO, Security Program

The Board vs. Security & Privacy Programs

In a corporation, the board is ultimately accountable to the shareholders for managing risks, including cybersecurity and privacy risk. Therefore, the need to address cybersecurity and privacy risk is generally accepted. However, there is often a

Read More

CISO, vCISO, Security Program

Finding Peace of Mind in Cybersecurity

Everyone is aware Cybersecurity is a necessity. And regardless of how mature or lacking your current cybersecurity program is, the constantly changing landscape makes it challenging to stay on top of. From potential concerns related to an economic

Read More