[4 min read] I have learned over my time working in the cybersecurity space that for many people and business leaders there is a lot of confusion between risk assessment and risk management. Very often the performance of cumulative risk assessments is mistakenly described as risk management.  This ...

[4 min read] Security Audits can improve your organizational efficiency and data security When it comes to conducting audits there are multiple benefits to an organization.  We discussed this, and more, with Dale Dresch, Director of IT Services at Maloney+Novotny, on our recent webinar. Dale spoke ...

[4 min read] Daunting. That’s the word we hear the most from customers when it comes to thinking about completing a security audit. Time, money and confusion – these are just the beginning of the challenges that go hand in hand with any security audit from FedRAMP to SOC 2 or HITRUST. But there’s ...

[5 min read] Customers see a lot of confusing terms when they are looking at building a security program.  Terms such as “regulatory compliance”, “security frameworks”, “Information Security Standards”, and “Security controls”.  Of all the buzz words we hear these days “regulatory compliance” is a ...

[4 min read] We talked previously about the type of cybersecurity and risk management challenges to expect in 2021, but the trends driving these challenges are equally important to understand. In his recent Gartner publication called “Top Security and Risk Management Trends 2021,” Peter Firstbrook ...

[4 min read] SOC reports simplified with our top 10 questions and answers One of the most popular frameworks we get questions about is the SOC 2 report. Companies often get an unexpected request from a customer or prospect who is seeking verification of their data security and risk management ...

[4 min read] 5 Key features you need that a traditional GRC provider doesn’t offer When we talk to customers, prospects and even audit partners, they are often overwhelmed with the choices they have for a GRC (Governance, Risk and Compliance) tool or don’t really know what a GRC tool does.  There ...

[4 min read] Hint Health is a technology enabled Direct Primary Care (DPC) solutions company that partners with visionary provider organizations to build successful DPC programs. They developed the HintOS™ platform, an enterprise-grade DPC management platform that powers the largest and ...

[5 min read] There is much confusion around Vendor Risk Management (VRM), what it is and how to handle it properly for all sizes of business. Too often it is mistakenly confused with a Vendor Risk Assessment, a single point in time component of an effective VRM program.  To get on the same page, a ...

[4 min read] If you come from the tech-centric world of Tesla and Apple and enter the world of dental labs where orders are sent by paper, phone or email you are bound to want to make changes.  That’s what happened to Ostendio customer, Ray Alde, CTO of Arklign.  Ray is the co-founder of Arklign ...

[4 min read] The role of information technology has infiltrated the day to day mechanics of all industries, especially healthcare. Information technology and data security are particularly important to healthcare because of the volume of sensitive data healthcare companies store, and the urgency of ...

[4 min read] A recent article in SecureWorld “Lessons from 2020, and what to expect in 2021: An evolutionary time in cyber and privacy” looks back at some of the main cybersecurity events in 2020 but also predicts what 2021 will bring.  With many of us busy planning for the year ahead, what do we ...

[5 min read] The data breach involving FireEye and SolarWinds was shocking. As the leader of a cybersecurity platform company, a significant breach like this highlights how creative the hackers are becoming. If companies like FireEye and SolarWinds can be vulnerable then we all need to step up our ...

[5 min read] 2020 was undoubtedly a shock to the system, shaking up everyone’s personal and business life. At Ostendio we transitioned quickly to a work-from-home environment for all employees. On the plus side, some of us have found that we are significantly more productive working at home. Anyone ...

Are you feeling a little overwhelmed at the thought of a security audit? Have you heard the SOC 2 name mentioned in meetings but don’t understand what’s involved? Many people have questions about security audits so here is our quick overview to answer a few of your SOC 2 questions including ...