If you have a team working remotely due to the COVID-19 virus you are obviously not alone as we adjust to this new normal way of work. At present, 1 in 3 Americans are being asked to stay at home and, for some, work from home, including the entire Ostendio team. In addition to practical ...

Vendor Risk Management is a hot topic at the moment and for good reason. A recent study by the Ponemon Institute showed 59% of companies have suffered a data breach at the hands of their third party vendors and many don’t know how to tackle the issue. At Ostendio we deal with customers from across ...

If you missed our recent webinar “Re-thinking Vendor Risk Management” you can listen to it free and on-demand here. In the webinar we talked about managing the risks associated with vendors and how traditional solutions have failed to solve those problems. Our webinar shared practical advice and ...

What do you need to know about HIPAA in 2020? This year, the changes are not so much about HIPAA itself, but about things that directly affect how organizations operate in the shadow of HIPAA. There is a lot of chatter in the data security and privacy world right now about GDPR in Europe and CCPA ...

When we talk to customers, prospects, and even audit partners, they are often overwhelmed with the choices they have for GRC tools. There is a lot of vendors-speak, confusing terminology, and varying opinions on where to start. Sometimes it helps to break the problem down to the basics, then build ...

We are huge football fans at Ostendio! Even though we spend our days helping customers with their cybersecurity challenges, many of us also moonlight as fantasy football professionals, or at least we think we do. With the Super Bowl this coming weekend, we started talking about how football and ...

There’s an inherent risk to doing business, particularly business that touches personal data. For years now, the business community – from healthcare to retail – has focused on the threat prevention aspect of data security. We train employees on compliance, how to recognize PHI and personally ...

The start of a decade is always an exciting time. When you think about how technology has changed in the last 10 years you can only imagine what might happen in the next 10. We recently found an old Nokia 8210 phone at home and my teenagers couldn’t figure out how to text with it! It was only 16 ...

2019 was an incredible year of growth for Ostendio. We continue to ramp up our business while working hard every day to deliver on our promises to customers. We are excited by all the change in the industry around us, and our team is constantly challenging itself to influence that change with ...

Webinars are some of our most popular content on the Ostendio web site. Across 2019 we hosted a series of webinars that combined best practices and how-to’s for a variety of risk management, compliance, and cybersecurity topics. We used our combined years of industry knowledge and experience to ...

We’ve had an incredible year of growth at Ostendio and, as our company has grown, so has our blog readership. At the end of every year, we revisit our most popular blog posts of the past 12 months to see which topics are resonating and trending with the readers.

We are all used to doing regular fire drills at the office or at school, and we accept the benefits of having defined roles and responsibilities should an emergency occur. It allows for a more organized response to a difficult situation. This kind of planning limits the damage that can be caused ...

It’s easy to make mistakes. We’ve all done it. Maybe you’ve put the milk in the cupboard and the cereal in the fridge this morning! These things happen with busy lives. But what about the security audit? There are dozens, if not hundreds, of small mis-steps that can turn a security audit sideways. ...

Today we announced an exciting new addition to the Ostendio MyVCM platform - MyVCM Auditor Connect. You can read the press release here, but I thought it made sense to share some more context and insight here on our blog. My VCM Auditor Connect is something we have been working on for several years ...

There is no single industry with greater sensitivity to data breaches than healthcare. But unfortunately, breaches across healthcare companies, including providers, vendors and business partners, are on the rise. Our friends at Protenus do a great job of tracking and analyzing the universe of data ...