Blog

SOC2, Security Program

SOC 2 Perils and Pitfalls

Congratulations, product development was successful, and you have the utmost confidence in the capabilities of your new product or service. Engineering has assured you that the necessary controls are in place for secure operation. Sales demos are going well in the field, and

Read More

Threat Intelligence

DDoS for the Holidays

Many find the holidays season exciting because they can relax, spend time with family and friends, and celebrate traditions. Additionally, most businesses have plenty to celebrate throughout the holidays since they usually have higher sales and

Read More

Security Program, Privacy

The Five-Step Adaptable Risk-based Privacy Program

In today's data-driven economy, an organization's data is its most valuable asset. The landscape of privacy regulations is vast and continuously evolving, forcing organizations to select and track applicable requirements for collecting and managing

Read More

Security Program, ISO27001

Scoping Your ISMS for ISO 27001 Compliance

The ISO 27001 standard provides requirements for establishing, implementing, maintaining and continually improving your Information Security Management System (ISMS) within the context of your organization. Your ISMS includes the people, processes

Read More

Threat Intelligence

The New Trends in Ransomware that Impacted U.S. Businesses in 2022

Without a doubt, the increased frequency and intensified scale of ransomware attacks are becoming a significant issue for tens of thousands of companies worldwide. For example, between January 2020 and July 2022, companies in the United States were

Read More

PCI DSS, Penetration Testing

Pentesting for PCI DSS

Most industry-recognized security frameworks, including HITRUST, CIS Controls and PCI DSS, stipulate penetration testing requirements as part of an organization's risk management cycle. In addition, the Payment Card Industry Security Standards

Read More

CISO, vCISO, Security Program

The Board vs. Security & Privacy Programs

In a corporation, the board is ultimately accountable to the shareholders for managing risks, including cybersecurity and privacy risk. Therefore, the need to address cybersecurity and privacy risk is generally accepted. However, there is often a

Read More

CISO, vCISO, Security Program

Finding Peace of Mind in Cybersecurity

Everyone is aware Cybersecurity is a necessity. And regardless of how mature or lacking your current cybersecurity program is, the constantly changing landscape makes it challenging to stay on top of. From potential concerns related to an economic

Read More

Privacy

Combined Risk Management for Security, Privacy and Compliance

Privacy regulations boil down to protecting information. In other words, privacy is about the security of data. The various privacy rights can be traced back to core security principles defined by NIST as Confidentiality, Integrity, and Availability

Read More

Threat Intelligence

Phishing Attacks hit Record High in 2022

According to the Anti-Phishing Working Group (APWG), an international coalition of counter-cybercrime responders, phishing attacks climbed to a new record high in 2022. The APWG Report analyzes phishing attacks and other identity theft techniques,

Read More