[5 min read] To the busy CISO, it might seem like implementing a GRC (Governance, Risk and Compliance) tool will be an easy way to create and manage...
[5 min read] Is the AICPA asleep at the wheel? More and more tech companies are seeking to demonstrate their security posture by undertaking a SOC 2...
[5 min read] Vendor risk management is a hot topic, especially when you realize that many of the most high-profile data breaches are due to vendors or...
[3 min read] It is amazing to think about how much data we all create these days. With so many employees working remotely, and the rise in the number...
[4 min read] Security standards, reports, and certifications are becoming essential for vendors and technology firms. Certifications, such as SOC 2,...
[4 min read] I had not heard the term “Mission Corp” until earlier this year. It came up when I was interviewing someone for a role at Ostendio and,...
[3 min read] This blog is the last in a series from the National Cybersecurity Alliance in support of Cybersecurity Awareness Month 2021. Ostendio is...
[4 min read] We all know how hectic the life of a CISO can be regardless of the size of business they support or the industry they are involved in. ...
[4 min read] When it comes to managing risk, companies often overlook their vendors. But Vendor Risk Management should be an integral element of any...
[4 min read] We are at a turning point as companies are deciding what to do about returning to the office after the pandemic. As many schools prepare...
[4 min read] Late last year we wrote a blog that looked at Risk Management and Data Security and suggested what you might do differently as we headed...
[4 min read] There’s one thing that you can count on in the news right now and that’s another report of a data breach or ransomware attack. They seem...
[4 min read] 5 Key features you need that a traditional GRC provider doesn’t offer. When we talk to customers, prospects and even audit partners, they...
[4 min read] A recent article in SecureWorld “Lessons from 2020, and what to expect in 2021: An evolutionary time in cyber and privacy” looks back at...
If you’ve recently built a data security and risk management program and passed a security audit, you’ve accomplished more than many organizations. ...
How is your business showing compliance to operational and business risks during these uncertain times? Many companies turn to the popular SOC report...
As we start to adapt to our new quarantined life, one of the things that has struck me is how different people have benchmarked what they constitute...
If you have a team working remotely due to the COVID-19 virus you are obviously not alone as we adjust to this new normal way of work. At present, 1...
When we talk to customers, prospects and even audit partners, they are often overwhelmed with the choices they have for GRC tools. There is a lot of...
In case you are new to the world of cybersecurity and are struggling to learn or understand some of the new terms you are hearing, don’t worry, we’re...
You’ve likely heard about organizations having a culture of compliance but not as much about having a culture of cybersecurity. Yet as threats to our...
HITRUST (Health Information Trust Alliance) and NIST (National Institute of Standards and Technology) recently announced that they have teamed up and...
When it comes to HIPAA compliance and cybersecurity, the danger comes with thinking one assures the other. It doesn’t. Just skim the daily headlines...
When you’re a medical device manufacturer, your primary goal is to get your product into hospitals and care provider networks. The internet of things...
As we wrap up 2017, the number of healthcare data breaches is up over 2016, with 41% caused by “insiders” per the Protenus Breach Barometer mid-year...
As we wrap up Cybersecurity Awareness Month, keep in mind that cybercriminals are indiscriminate in who they attack. Large business, small business,...
After a lengthy process of “putting things to rights” in 17 states, Zenefits is paying up to US$7 million in penalties. As with other digital health...
In the last few months we have seen a spike in cybercrime with a series of ransomware attacks in the healthcare industry. Hospitals, from California...