Blog

CISO, vCISO, Security Program

Overseeing a vCISO - Translating Information Security to Business Risk

Most experts agree that the Chief Information Security Officer (CISO) role is a business necessity in today's cyber - risky environment . According to a Deloitte 2021 survey, companies listed security, privacy, demonstrating compliance, and improving efficiency and cyber -

Read More

Security Program, Privacy

The Seven Regions of Cyber-Governance

Privacy, cybersecurity, and Compliance are distinct practices with distinct goals. The three disciplines work together to build trust and confidence in your data management system in best-case scenarios.

Read More

SOC2, Security Program

Three Indicators Your Startup should be SOC 2 Compliant

A System and Organization Controls 2 (SOC 2) compliant report is an industry-recognized standard for demonstrating the efficacy of information systems. It is one of the most requested credentials by prospective clients when screening IT services

Read More

CISO, vCISO, Security Program

Three Ways to Improve Your Bottom Line Using a vCISO

In today's cyber-risky environment, most experts agree that the role of a Chief Information Security Officer (CISO) is a business necessity. According to a Deloitte 2021 survey, companies listed security, privacy, demonstrating compliance, and

Read More

HIPAA, Privacy, CCPA, GDPR

Data Privacy Tools in 2022

Three Types of Data Privacy Tools for 2022 Organizations are under extreme pressure to mitigate emerging risks and keep pace with changing regulatory requirements. The frantic pace of new privacy laws layered onto the increasing complexity of modern

Read More

CISO, vCISO, Security Program

Cybersecurity – Responsibility vs. Accountability

Responsibility vs. Accountability for Oversight of Cybersecurity The need to manage cybersecurity and privacy risk is generally accepted. In many organizations, it may even be clear who is doing it. However, there is often a lack of clarity over the

Read More

SOC2, vCISO

The Meaning of SOC from the AICPA

What does SOC mean and why does it matter? How did a CPA organization come to audit information systems for cybersecurity and privacy controls? Spoiler alert. The acronym SOC currently means System and Organization Controls, but that wasn't always

Read More

Penetration Testing, Security Program, Risk Assessment, Red Teaming

Combating Feedback Loops with Attack Surface Analysis

Everyone knows there are threats out there hell-bent on destroying our organizations. Innovative businesses everywhere are taking a risk-based approach to prevent mission compromise. This approach involves leveraging a risk assessment framework as

Read More

HIPAA, Privacy, CCPA, GDPR

EU Privacy - New GDPR Data Transfer Tools

New EU data privacy laws impact companies in 2022. In June 2021, the European Commission adopted a new set of standard contractual clauses (SCCs) for the transfer of personal data outside of EU countries such as the United States. Businesses have

Read More

SOC2, Security Program

The Four Essential Elements of SOC 2 Type 2 Compliance

The Type 2 audit measures your organizations’ ability to maintain security, availability, processing integrity, privacy, and confidentiality operationally over time. A SOC 2 Type 2 investment helps build resiliency into your business. It

Read More