Blog

CISO, vCISO, Security Program

The Board vs. Security & Privacy Programs

In a corporation, the board is ultimately accountable to the shareholders for managing risks, including cybersecurity and privacy risk. Therefore, the need to address cybersecurity and privacy risk is generally accepted. However, there is often a lack of clarity over the lines

Read More

CISO, vCISO, Security Program

Finding Peace of Mind in Cybersecurity

Everyone is aware Cybersecurity is a necessity. And regardless of how mature or lacking your current cybersecurity program is, the constantly changing landscape makes it challenging to stay on top of. From potential concerns related to an economic

Read More

SOC2, CISO, vCISO, Security Program

The Three Levels of HITRUST CSF r2 Compliance

The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is a widely recognized security framework that HITRUST developed in 2007 to provide a roadmap to compliance for programs like ISO/IEC 27001 and HIPAA. HITRUST CSF

Read More

SOC2, CISO, vCISO, Security Program

Video | The Compliance Equals Security Disconnect

Topic: The Compliance Equals Security Disconnect “Use the tools at your disposal correctly, stay current on threats, monitor your security posture, and live a long, prosperous, secure life." A discussion between Sean Costigan, Prof, George C.

Read More

SOC2, CISO, vCISO, Security Program

Security Risk Assessments & Why Compliance Equals Security

You likely need a risk assessment for compliance. PCI DSS 4.0, SOC2, ISO 27001, NIST, HIPAA, and other standards require a risk assessment as a fundamental part of a robust security program— and they're right to make this fundamental analysis a

Read More

CISO, vCISO, Security Program, Risk Assessment, ISO27001

Three Steps to ISO 27001 Compliance

ISO27001 is the certifiable ISO standard that describes how to manage an Information Security Management System (ISMS) securely. 27001 is compatible with other standards and regulations, including SOX, GLBA and other cybersecurity regulations.

Read More

SOC2, CISO, vCISO, Security Program

Solving the Cybersecurity Skills Gap Challenge

All organizations face the challenges of new cybersecurity and privacy laws, a sharp increase in cybersecurity litigation, and the ceaseless evolution of ransomware and cyber-threats. As a result, mature risk management and IT security team have

Read More

SOC2, CISO, vCISO, Security Program

The Compliance Equals Security Disconnect

"Compliance is NOT Security" You hear this common lament from security professionals, "Compliance is not security." This remark has always sounded like an excuse to me. I suppose the reason is that most people who utter this phrase always seem to

Read More

CISO, vCISO, Security Program, Privacy

Virtual Chief Privacy Officer – Outsource Your Privacy Program

The fact that each state in the U.S. seems to have specific privacy laws with no central comprehensive federal law makes it difficult to know what privacy regulations apply to your organization. Therefore, navigating the privacy legal waters

Read More

CISO, vCISO, Security Program, Risk Assessment, ISO27001

Seven Reasons to Implement ISO27001

One of the best ways to demonstrate the suitability of your Information Security Management System (ISMS) to your organization, customers, and partners is to achieve a globally recognized certification. The ISO 27001 certification is also a

Read More

info@truvantis.com

+1 (415) 422-9844

    © 2022 Truvantis, Inc All Rights Reserved.

    Privacy Policy    Terms of Service