Blog

SOC2, CISO, vCISO, Security Program

Solving the Cybersecurity Skills Gap Challenge

All organizations face the challenges of new cybersecurity and privacy laws, a sharp increase in cybersecurity litigation, and the ceaseless evolution of ransomware and cyber-threats. As a result, mature risk management and IT security teams have become critical to maintaining


SOC2, CISO, vCISO, Security Program

The Compliance Equals Security Disconnect

"Compliance is NOT Security" You hear this common lament from security professionals, "Compliance is not security." This remark has always sounded like an excuse to me. I suppose the reason is that most people who utter this phrase always seem to


Penetration Testing, CIS Controls, Security Program

What does the CIS Controls Version 8 say about Pen Testing?

Independent penetration testing provides critical objective insights about vulnerabilities in organizational defenses and mitigating controls. As part of a comprehensive, ongoing security improvement, pen tests are required by recognized


Penetration Testing

Why you should Pen Test like an Attacker & not an Auditor

Penetration testing uses the creative, blended attacks that real-world adversaries use to find weaknesses in the tested systems. By simulating real-world attack scenarios, pen testing is


CIS Controls

Three Ways to Approach System Hardening using CIS Benchmarks

Out of the box, most operating systems are configured insecurely. OS hardening minimizes an operating system's exposure to threats by properly configuring security settings and removing unnecessary applications and services. The Center for Internet

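The hardening teaser above describes checking security settings against a benchmark. As an added example (not code from the original post, and not a tool from the Center for Internet Security), the Python below audits an sshd_config against a handful of CIS-style SSH rules. The rule values are illustrative assumptions in the spirit of the CIS Benchmarks, not a transcription of any benchmark; the sample config is constructed. It reproduces two details that trip up hand audits: sshd honours only the first occurrence of a directive, and settings inside a Match block apply conditionally, so they are not counted as the global value.

```python
"""Audit an sshd_config against illustrative CIS-style hardening rules.

Added example; the rule set is an assumption modelled on CIS Benchmark SSH
recommendations and should be replaced with the authoritative benchmark values.
"""
import re

# Constructed sample config (not taken from any real host). It deliberately
# contains a commented-out directive, a duplicate directive and a Match block.
SAMPLE_SSHD_CONFIG = """\
# sshd_config (constructed sample)
Port 22
Protocol 2
PermitRootLogin yes
X11Forwarding yes
MaxAuthTries 6
MaxAuthTries 3
#PermitEmptyPasswords no
LogLevel INFO
HostbasedAuthentication no

Match User backup
    PermitRootLogin no
"""

# Illustrative rules: directive -> (predicate over the lower-cased value, expected setting).
RULES = {
    "PermitRootLogin": (lambda v: v == "no", "no"),
    "X11Forwarding": (lambda v: v == "no", "no"),
    "MaxAuthTries": (lambda v: v.isdigit() and int(v) <= 4, "4 or less"),
    "PermitEmptyPasswords": (lambda v: v == "no", "no"),
    "IgnoreRhosts": (lambda v: v == "yes", "yes"),
    "HostbasedAuthentication": (lambda v: v == "no", "no"),
    "LogLevel": (lambda v: v in ("info", "verbose"), "INFO or VERBOSE"),
}


def parse_sshd_config(text):
    """Return the effective global directives as {lower-case name: lower-case value}.

    Comments and blank lines are skipped, the first occurrence of a directive
    wins (as sshd does), and parsing stops at the first Match block because
    directives inside it are conditional rather than global.
    """
    effective = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        if key == "match":
            break
        value = parts[1].strip().lower() if len(parts) > 1 else ""
        effective.setdefault(key, value)
    return effective


def audit_sshd_config(text, rules=RULES):
    """Return a list of (directive, observed_value_or_None, expected) findings.

    A directive that is absent from the global section is reported with
    observed_value None: the audit does not guess sshd's compiled-in default,
    it requires the hardened value to be set explicitly.
    """
    effective = parse_sshd_config(text)
    findings = []
    for directive, (predicate, expected) in rules.items():
        observed = effective.get(directive.lower())
        if observed is None:
            findings.append((directive, None, expected))
        elif not predicate(observed):
            findings.append((directive, observed, expected))
    return findings


if __name__ == "__main__":
    for directive, observed, expected in audit_sshd_config(SAMPLE_SSHD_CONFIG):
        state = "NOT SET" if observed is None else f"is '{observed}'"
        print(f"FAIL {directive}: {state}, expected {expected}")
```

Running it against the sample reports PermitRootLogin, X11Forwarding and MaxAuthTries as misconfigured (MaxAuthTries because the first value, 6, is the one sshd uses) and PermitEmptyPasswords and IgnoreRhosts as not explicitly set; the PermitRootLogin no inside the Match block does not rescue the global setting. On a live host, compare against the output of sshd -T rather than the file, since that shows the values sshd actually resolved.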

CISO, vCISO, Security Program, Privacy

Virtual Chief Privacy Officer – Outsource Your Privacy Program

The fact that each state in the U.S. seems to have specific privacy laws with no central comprehensive federal law makes it difficult to know what privacy regulations apply to your organization. Therefore, navigating the privacy legal waters


SOC2, HIPAA, CIS Controls, Security Program

18 CIS Controls - an Effective Framework for Security

You can achieve information security by complying with an adequate set of security policies, standards, and procedures. Of course, there is no such thing as 100% secure, but if you comply with an appropriate set of security policies, standards, and


Privacy, CCPA

Biometric Privacy in the Workplace – What You Need to Know

The complex legal landscape surrounding privacy, including biometrics, continues to evolve at the state level. Arduous legislation has led to lengthy privacy policies across the internet. Based on a study conducted by former chief technologist for


CISO, vCISO, Security Program, Risk Assessment, ISO27001

Seven Reasons to Implement ISO27001

One of the best ways to demonstrate the suitability of your Information Security Management System (ISMS) to your organization, customers, and partners is to achieve a globally recognized certification. The ISO 27001 certification is also a


PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

Why You Should Hire a Virtual Data Protection Officer (vDPO) Now

The Data Protection Officer (DPO) is a role required by the EU General Data Protection Regulation (GDPR). If your organization is subject to GDPR and meets the large-scale data handling factors, you need a DPO. What can you do if you don't have an
