A SOC 2 Type 2 audit is an evaluation of risk for buyers and a vehicle for communicating trust between two parties. But is it right for your organization?
In this interview with Truvantis CEO Andy Cottrell, Aaron Wheeler discusses conducting tabletop exercises and how his clients derive value. What is a Tabletop Exercise? “It's a chance for clients to stress test environment policies and procedures. In
In this interview with Truvantis CEO Andy Cottrell, Jenny Hill discusses the challenges and evolution of security programs she sees across industries. In theory, cybersecurity should be easy. Why is it so hard? “It never stays stagnant. Every minute
PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming
Cybersecurity and privacy risks remain among the top threats facing business organizations today. Increasingly, boards are leaning on the CISO role to guide investments in cybersecurity and privacy programs, emphasizing the importance of risk
In a corporation, the board is ultimately accountable to the shareholders for managing risks, including cybersecurity and privacy risk. Therefore, the need to address cybersecurity and privacy risk is generally accepted. However, there is often a
Everyone is aware that cybersecurity is a necessity. And regardless of how mature or lacking your current cybersecurity program is, the constantly changing landscape makes it challenging to stay on top of. From potential concerns related to an economic
SOC2, CISO, vCISO, Security Program
The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is a widely recognized security framework that HITRUST developed in 2007 to provide a roadmap to compliance for programs like ISO/IEC 27001 and HIPAA. HITRUST CSF
SOC2, CISO, vCISO, Security Program
Topic: The Compliance Equals Security Disconnect “Use the tools at your disposal correctly, stay current on threats, monitor your security posture, and live a long, prosperous, secure life.” A discussion between Sean Costigan, Prof, George C.
SOC2, CISO, vCISO, Security Program
You likely need a risk assessment for compliance. PCI DSS 4.0, SOC2, ISO 27001, NIST, HIPAA, and other standards require a risk assessment as a fundamental part of a robust security program, and they're right to make this fundamental analysis a
CISO, vCISO, Security Program, Risk Assessment, ISO27001
ISO27001 is the certifiable ISO standard that describes how to manage an Information Security Management System (ISMS) securely. 27001 is compatible with other standards and regulations, including SOX, GLBA and other cybersecurity regulations.