Blog

Security Program, Privacy

Security is the Foundation for Building an Adaptable, Future-Proof Privacy Program

Privacy regulations boil down to protecting information. In other words, privacy is about the security of data. In today’s data-driven economy, your organization’s data is often its most valuable asset. You may be subject to multiple jurisdictions (e.g., GDPR, CCPA, HIPAA, GLBA)

Read More

Threat Intelligence

IoT Security –Who’s Controlling the Machines on Your Network?

Internet of things (IoT) devices are prevalent in our home and business lives. Embedded devices have revolutionized manufacturing, industrial, supply chain management, logistics, retail, infrastructure management, food production, surveillance, and

Read More

SOC2, CISO, vCISO, Security Program

The Three Levels of HITRUST CSF r2 Compliance

The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is a widely recognized security framework that HITRUST developed in 2007 to provide a roadmap to compliance for programs like ISO/IEC 27001 and HIPAA. HITRUST CSF

Read More

SOC2, CISO, vCISO, Security Program

Video | The Compliance Equals Security Disconnect

Topic: The Compliance Equals Security Disconnect “Use the tools at your disposal correctly, stay current on threats, monitor your security posture, and live a long, prosperous, secure life." A discussion between Sean Costigan, Prof, George C.

Read More

SOC2, CISO, vCISO, Security Program

Security Risk Assessments & Why Compliance Equals Security

You likely need a risk assessment for compliance. PCI DSS 4.0, SOC2, ISO 27001, NIST, HIPAA, and other standards require a risk assessment as a fundamental part of a robust security program— and they're right to make this fundamental analysis a

Read More

Threat Intelligence

Threat Intelligence: TraderTraitor, Maui Ransomware and the MSTIC H0lyGh0st

In the news recently, more hijinks from our infamous foes, North Korean state-sponsored attackers; The evolving gang of thugs who brought us disruptive malware like the 'WannaCry' ransomware, colorful variants like 'SLICKSHOES,' 'CROWDEDFLOUNDER,'

Read More

HIPAA, Privacy, CCPA, GDPR, CPRA

Privacy Law Confusion and The American Data Privacy Protection Act

The American Data Privacy Protection Act currently making its way to the House floor is not just another privacy bill destined for failure. On the contrary, unlike past attempts, today's political climate is ripe for action in the wake of the

Read More

PCI DSS

How to Evade PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) compliance can be expensive for financial institutions and transaction processors that cannot avoid touching cardholder data (CHD). However, ordinary merchants can reduce the scope with

Read More

Privacy

Building a Privacy Program that Works Across Jurisdictions

Privacy and security were historically two separate disciplines. However, over the years, the two have grown closer together. Moreover, as the landscape of privacy regulations continues to evolve, the most recent comprehensive privacy laws close

Read More

CISO, vCISO, Security Program, Risk Assessment, ISO27001

Three Steps to ISO 27001 Compliance

ISO27001 is the certifiable ISO standard that describes how to manage an Information Security Management System (ISMS) securely. 27001 is compatible with other standards and regulations, including SOX, GLBA and other cybersecurity regulations.

Read More

info@truvantis.com

+1 (415) 422-9844

    © 2024 Truvantis, Inc All Rights Reserved.

    Privacy Policy    Terms of Service