[5 min read] To the busy CISO, it might seem like implementing a GRC (Governance, Risk and Compliance) tool will be an easy way to create and manage...

[5 min read] Is the AICPA asleep at the wheel? More and more tech companies are seeking to demonstrate their security posture by undertaking a SOC 2...

[5 min read] Vendor Risk management is a hot topic especially when you realize that many of the most high-profile data breaches are due to vendors or...

[4 min read] Why vendors may be the biggest security risk to your organization Of the companies that experienced a data breach in 2021, over 90% of...

[3 min read] It is amazing to think about how much data we all create these days. With so many employees working remotely, and the rise in the number...

[4 min read] Data ownership is a complicated topic, much more complicated than most might think. We often talk about data security in possessive...

[5 min read] And who has access to it? When I talk to CEOs and security professionals about data security, the one question that continually trips...

[5 min read] If you are involved with, or interested in, the data security world then no doubt you have heard many definitions of integrated risk...

[4 min read] Risk management is not well understood. Often there is confusion between risk management and risk assessment, and added to that...

[4 min read] I had not heard the term “Mission Corp” until earlier this year.  It came up when I was interviewing someone for a role at Ostendio and,...

[4 min read] We all know how hectic the life of a CISO can be regardless of the size of business they support or the industry they are involved in. ...

[4 min read] When it comes to managing risk, companies often overlook their vendors. But Vendor Risk Management should be an integral element of any...

[4 min read] We are at a turning point as companies are deciding what to do about returning to the office after the pandemic. As many schools prepare...

[4 min read] Late last year we wrote a blog that looked at Risk Management and Data Security and suggested what you might do differently as we headed...

[4 min read] There’s one thing that you can count on in the news right now and that’s another report of a data breach or ransomware attack. They seem...

[4 min read] Have you ever wished you could run a marathon?  I have run a few and I can tell you it is hard work and takes a lot of training just to...

[4 min read] I have learned over my time working in the cybersecurity space that for many people and business leaders there is a lot of confusion...

[5 min read] Customers see a lot of confusing terms when they are looking at building a security program.  Terms such as “regulatory compliance”,...

[4 min read] We talked previously about the type of cybersecurity and risk management challenges to expect in 2021, but the trends driving these...

[5 min read] There is much confusion around Vendor Risk Management (VRM), what it is and how to handle it properly for all sizes of business. Too...

[5 min read] The data breach involving FireEye and SolarWinds was shocking. As the leader of a cybersecurity platform company, a significant breach...

The election news cycle is in full swing as we near the big day on November 3rd. Regardless of how you vote, at Ostendio we encourage all employees...

Many larger companies, and some medium sized companies, have a focused CISO with a great IT team who have all worked hard to establish a data...

If you’ve recently built a data security and risk management program and passed a security audit, you’ve accomplished more than many organizations. ...

The first step in any process is often the hardest. Realizing that you need to take action is just the beginning, deciding what action to take is...