SOC2, Security Program

SOC 2 Perils and Pitfalls

Congratulations, product development was successful, and you have the utmost confidence in the capabilities of your new product or service. Engineering has assured you that the necessary controls are in place for secure operation. Sales demos are going well in the field, and

Read More

Security Program, Privacy

The Five-Step Adaptable Risk-based Privacy Program

In today's data-driven economy, an organization's data is its most valuable asset. The landscape of privacy regulations is vast and continuously evolving, forcing organizations to select and track applicable requirements for collecting and managing

Read More

Security Program, ISO27001

Scoping Your ISMS for ISO 27001 Compliance

The ISO 27001 standard provides requirements for establishing, implementing, maintaining and continually improving your Information Security Management System (ISMS) within the context of your organization. Your ISMS includes the people, processes

Read More

CISO, vCISO, Security Program

The Board vs. Security & Privacy Programs

In a corporation, the board is ultimately accountable to the shareholders for managing risks, including cybersecurity and privacy risk. Therefore, the need to address cybersecurity and privacy risk is generally accepted. However, there is often a

Read More

CISO, vCISO, Security Program

Finding Peace of Mind in Cybersecurity

Everyone is aware Cybersecurity is a necessity. And regardless of how mature or lacking your current cybersecurity program is, the constantly changing landscape makes it challenging to stay on top of. From potential concerns related to an economic

Read More

Security Program, Privacy

Three Essential Elements of an Adaptable Risk-Based Privacy Program

Given the complexity and cost of security, privacy and compliance efforts, a comprehensive risk management program is the best overall approach. A combined program helps reduce duplicate efforts and optimizes the ability to adapt to changes.

Read More

Security Program, HITRUST

Is HITRUST just for Healthcare or Everybody?

The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is a widely recognized security framework that HITRUST developed in 2007 to provide a roadmap to compliance for programs like ISO/IEC 27001 and HIPAA. HITRUST CSF

Read More

Penetration Testing, Security Program

The Top Five Criteria for Selecting Your Penetration Testing Vendor

According to the hacker news October 2022, researchers reported that organizations using Office 365 Message Encryption (OME),considered obsolete legacy technology by Microsoft, are subject to a vulnerability thatwould allow rouge third parties to

Read More

Security Program, Privacy

Security is the Foundation for Building an Adaptable, Future-Proof Privacy Program

Privacy regulations boil down to protecting information. In other words, privacy is about the security of data. In today’s data-driven economy, your organization’s data is often its most valuable asset. You may be subject to multiple jurisdictions

Read More

SOC2, CISO, vCISO, Security Program

The Three Levels of HITRUST CSF r2 Compliance

The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is a widely recognized security framework that HITRUST developed in 2007 to provide a roadmap to compliance for programs like ISO/IEC 27001 and HIPAA. HITRUST CSF

Read More