Blog

SOC2, vCISO

The Meaning of SOC from the AICPA

What does SOC mean and why does it matter? How did a CPA organization come to audit information systems for cybersecurity and privacy controls? Spoiler alert. The acronym SOC currently means System and Organization Controls, but that wasn't always the case. Read on to learn why.

Read More

HIPAA, Privacy, CCPA, GDPR

EU Privacy - New GDPR Data Transfer Tools

New EU data privacy laws impact companies in 2022. In June 2021, the European Commission adopted a new set of standard contractual clauses (SCCs) for the transfer of personal data outside of EU countries such as the United States. Businesses have

Read More

SOC2, Security Program

The Four Essential Elements of SOC 2 Type 2 Compliance

The Type 2 audit measures your organizations’ ability to maintain security, availability, processing integrity, privacy, and confidentiality operationally over time. A SOC 2 Type 2 investment helps build resiliency into your business. It

Read More

SOC2, CISO, vCISO, Security Program

vCISO - Stories from the Trenches

Disasters, heroics, funny stories, and impacts to business success Nate Hartman describes a six-month stint as an acting CISO or virtual CISO (vCISO) at a fast-paced Silicon Valley tech company.

Read More

SOC2, CISO, vCISO, Security Program

What are the SOC 2 Trust Services Criteria?

The SOC 2 Trust Services Criteria (TSCs) for information technology, is a framework for designing, implementing and evaluating information system controls. The purpose of controls is to ensure your information system can meet its objectives. The

Read More

Security Program, Privacy

Apache Log4j Vulnerabilities vs. Cybersecurity Risk Management

Apache Log4j Vulnerabilities vs. GRC On December 10, Apache released details about a Log4j-core vulnerability nicknamed "Log4Shell". It is documented in CVE-2021-44228, and rated a rare 10 out of 10 on the CVSS vulnerability rating scale. Log4j-core

Read More

SOC2, CISO, vCISO, Security Program

Understanding the Business Value of SOC 2 Compliance

System and Organizational Controls 2 (SOC 2) is sometimes known as Service Organization Controls. Maintained by the American Institute of Certified Public Accountants (AICPA), SOC 2 is a standard for auditing and reporting on the efficacy of

Read More

PCI DSS, Security Program, Privacy

Cybersecurity Threat Landscape 2022, Nine Things You Should Know

In 2021 cybersecurity professionals faced the same vulnerabilities and attacks as decades before, just more nefarious, persistent, and far-reaching. Ransomware is everywhere, critical infrastructure is vulnerable, and security teams struggle with

Read More

SOC2, CISO, vCISO, Security Program, Risk Assessment

Bridging the gap between CISOs

Facing the challenges of new cybersecurity and privacy laws, a sharp increase in cybersecurity litigation, and the ceaseless evolution of ransomware and cyberthreats, the role of Chief Information Security Officer (CISO) has become critical to

Read More

Privacy, CCPA

State Privacy Law, What's Coming in California CPRA for 2022

What's new with State Privacy Laws? CPRA applies to all data collected as of Jan 1, 2022. In 2018 California became the first US state to give consumers new tools and rights under the California Consumer Privacy Act (CCPA). In the November 2020

Read More

info@truvantis.com

+1 (415) 422-9844

    © 2024 Truvantis, Inc All Rights Reserved.

    Privacy Policy    Terms of Service