[4 min read] Data ownership is a complicated topic, much more complicated than most might think. We often talk about data security in possessive terms of “my sensitive data”, “my health information” or “my Personal Identifiable Information (PII)”, but what does ownership of that data actually mean? ...

[5 min read] And who has access to it? When I talk to CEOs and security professionals about data security, the one question that continually trips them up is - do you know where your data is? They tend to stumble over this question because they initially focus on their production data locations, ...

[5 min read] If you are involved with, or interested in, the data security world then no doubt you have heard many definitions of integrated risk management (IRM) and Governance, Risk, Compliance (GRC). Should we simply be looking at “GRC 3.0” as professed by Michael Rasmussen at Forrester, the ...

[4 min read] Security standards, reports, and certifications are becoming essential for vendors and technology firms. Certifications, such as SOC 2, offer a cost-efficient way of demonstrating effective risk management practices and meeting regulatory compliance directives.

[4 min read] Risk management is not well understood. Often there is confusion between risk management and risk assessment, and added to that confusion is how to measure risk or evaluate risk. After all, it is hard to measure something that hasn’t happened yet or to predict when it might happen. ...

[4 min read] I had not heard the term “Mission Corp” until earlier this year. It came up when I was interviewing someone for a role at Ostendio and, as I described to them how we operate, they suggested we sounded like a Mission Corporation. I quickly Googled the book and saw the similarity. The ...

[3 min read] This blog is the last in a series from the National Cybersecurity Alliance in support of Cybersecurity Awareness Month 2021. Ostendio is proud to be a 2021 Cybersecurity Awareness Month Champion. The theme for week 4 is Prioritizing Cybersecurity in a Hybrid Workplace. This is an issue ...

[2 min read] Ostendio is proud to be a 2021 Cybersecurity Awareness Month Champion. This blog is part of a series from the National Cybersecurity Alliance in support of Cybersecurity Awareness Month 2021. As a Champion, Ostendio is involved with spreading the word about cybersecurity and this blog ...

[3 min read] Ostendio is proud to be a 2021 Cybersecurity Awareness Month Champion. This blog is part of a series from the National Cybersecurity Alliance in support of Cybersecurity Awareness Month 2021. As a Cybersecurity Awareness Month Champion, Ostendio is involved with spreading the word ...

[4 min read] Every October we raise awareness about Cybersecurity together with the National Cybersecurity Alliance. Their series of blog posts for October focuses on the themes of Cybersecurity Awareness Month which includes: The Cyber Basics Fundamentals of Shoring up Phishing Defenses Cyber ...

[4 min read] We all know how hectic the life of a CISO can be regardless of the size of business they support or the industry they are involved in. CISOs face many challenges including one that is becoming increasingly important: handling the Risk Management program for their organization. With ...

[4 min read] When it comes to managing risk, companies often overlook their vendors. But Vendor Risk Management should be an integral element of any robust data security program. A 2020 study by the Ponemon Institute showed 51% of companies have experienced a data breach caused by a third party. ...

[4 min read] We are at a turning point as companies are deciding what to do about returning to the office after the pandemic. As many schools prepare to welcome children back this fall, should you also be expecting your employees to return to the office, and how will you handle your data security ...

[4 min read] Late last year we wrote a blog that looked at Risk Management and Data Security and suggested what you might do differently as we headed into 2021. Without a doubt, 2020 created a considerable amount of uncertainty and risk, making Risk Management and Data Security hot topics for most ...

[4 min read] There’s one thing that you can count on in the news right now and that’s another report of a data breach or ransomware attack. They seem to be more and more frequent with the hackers demanding higher ransom amounts to have valuable company data returned. Recently, it was the Kaseya VSA ...