June 23, 2021

HITRUST or HIPAA?

[3 min read] Many organizations know that they need to operate in line with HIPAA to protect sensitive data but they have also heard about HITRUST...

June 22, 2021

What is the difference between risk management and risk assessment?

[4 min read] I have learned over my time working in the cybersecurity space that for many people and business leaders there is a lot of confusion...

June 16, 2021

Security Audit: An Auditor's View

[4 min read] Security Audits can improve your organizational efficiency and data security. When it comes to conducting audits there are multiple...

May 26, 2021

Easing the top 3 pain points of security audits

[4 min read] Daunting. That’s the word we hear the most from customers when it comes to thinking about completing a security audit. Time, money and...

May 24, 2021

What is regulatory compliance?

[5 min read] Customers see a lot of confusing terms when they are looking at building a security program.  Terms such as “regulatory compliance”,...

May 5, 2021

3 trends for safely managing security and risk in 2021

[4 min read] We talked previously about the type of cybersecurity and risk management challenges to expect in 2021, but the trends driving these...

April 15, 2021

What is a SOC report?

[4 min read] SOC reports simplified with our top 10 questions and answers. One of the most popular frameworks we get questions about is the SOC 2...

March 31, 2021

Are you dissatisfied with your GRC platform?

[4 min read] 5 Key features you need that a traditional GRC provider doesn’t offer. When we talk to customers, prospects and even audit partners, they...

March 25, 2021

Hint Health Benefits from Multiple Security Standards

[4 min read] Hint Health is a technology enabled Direct Primary Care (DPC) solutions company that partners with visionary provider organizations to...

March 11, 2021

Why is Vendor Risk Management a 'tick the box' process for most companies?

[5 min read] There is much confusion around Vendor Risk Management (VRM), what it is and how to handle it properly for all sizes of business. Too...

February 4, 2021

Arklign builds an always-on approach to security

[4 min read] If you come from the tech-centric world of Tesla and Apple and enter the world of dental labs where orders are sent by paper, phone or...

January 21, 2021

How will the healthcare industry deal with data in 2021?

[4 min read] The role of information technology has infiltrated the day to day mechanics of all industries especially healthcare. Information...

January 8, 2021

Cybersecurity challenges for 2021 - moving beyond the audit

[4 min read] A recent article in SecureWorld “Lessons from 2020, and what to expect in 2021: An evolutionary time in cyber and privacy” looks back at...

December 22, 2020

The most important lessons to take away from the SolarWinds hack

[5 min read] The data breach involving FireEye and SolarWinds was shocking. As the leader of a cybersecurity platform company, a significant breach...

December 16, 2020

Risk Management and Data Security: Do these things differently in 2021

[5 min read] 2020 was undoubtedly a shock to the system, shaking up everyone’s personal and business life. At Ostendio we transitioned quickly to a...

November 19, 2020

Making SOC 2 audits simple

Are you feeling a little overwhelmed at the thought of a security audit? Have you heard the SOC 2 name mentioned in meetings but don’t understand...

October 29, 2020

Cybersecurity and the 2020 Election

The election news cycle is in full swing as we near the big day on November 3rd. Regardless of how you vote, at Ostendio we encourage all employees...

October 15, 2020

A guide to optimizing your existing security program

Many larger companies, and some medium sized companies, have a focused CISO with a great IT team who have all worked hard to establish a data...

October 1, 2020

Cybersecurity Awareness Month 2020

Thinking about cybersecurity is a full time, 365 day-a-year job at Ostendio but for many it comes to mind most during October when the National...

September 17, 2020

You passed your security audit...what’s next?

If you’ve recently built a data security and risk management program and passed a security audit, you’ve accomplished more than many organizations. ...

September 11, 2020

Worried your business is too small for an effective cybersecurity program?

The first step in any process is often the hardest. Realizing that you need to take action is just the beginning, deciding what action to take is...

September 3, 2020

How great Customer Service can benefit your business

As a CISO, you’ve spent time deciding on the best platform to suit your data security and risk management needs and you are ready for the...

August 27, 2020

The value of bringing in experts during an audit

When it is time to prepare for your first audit you might be filled with dread.  How are you going to get through the audit? Will your employees or...

August 20, 2020

How to run a successful data security program

It feels great to get to the point where you have built a cybersecurity program for your business. As a CISO you got the executive buy-in, everyone...

August 14, 2020

Building a Comprehensive Cybersecurity Program in the age of COVID-19

Even before the COVID-19 pandemic took hold, too many organizations were not looking at a broad enough approach to cybersecurity as they evaluated...

August 6, 2020

Twitter breach highlights why IT-centric security programs are insufficient

We might not be surprised when we read about another data breach but it does turn heads when it is a well-known brand like Twitter.  Recent reports...

July 30, 2020

How Data Sets You Free (and Keeps You Safe)

The typical company significantly under invests in cyber security, a situation that is likely to be exacerbated as companies look to cut expenses...

July 23, 2020

The Future Of Operational Risk Management

Security and Risk Management can be complicated. Predicting what might happen to your business and preparing to protect and mitigate against those...

July 14, 2020

MyVCM CrossWalk Assessment shows increase in drive for multiple security standards

We have learnt a lot in the last year since we launched the successful MyVCM CrossWalk Assessment feature, an addition to the industry leading ...

July 2, 2020

Are you ready for CCPA enforcement? Six steps to take right now

The California Consumer Privacy Act (CCPA) went into effect on January 1st 2020 but there are stages to its enforcement and we are about to hit...

June 25, 2020

One year in: MyVCM CrossWalk Assessments has changed the way we approach security audits

It is hard to believe it has been a year since we launched MyVCM CrossWalk Assessments. This new feature radically changed the way companies...

June 11, 2020

Renewing your SOC 2 could be easier than you think!

Security certifications are a must for vendors and technology firms. Many organizations choose SOC 2 as a way of demonstrating effective risk...

May 28, 2020

5 ways to save money by rethinking your Data Security approach

CIOs have mostly ridden out the remote work surge caused by COVID-19.  The employees who can work remotely are now safely settled in their home...

May 21, 2020

GDPR 2 years on - what happened to all the hype?

May 2020 marks the second year that GDPR has been in effect and we have already seen some significant fines totalling over $126 million.  Google has...

May 13, 2020

How SOC audits help businesses during uncertain times

How is your business showing compliance to operational and business risks during these uncertain times? Many companies turn to the popular SOC report...

May 7, 2020

Business Efficiency: the hidden benefit of an information security program

During these difficult times it is understandable that organizations may be looking for creative ways to cut costs or gain efficiency.  While...

April 29, 2020

How can a Risk Management platform support your business during a crisis?

We are all getting used to our new “normal” but many businesses, both big and small, have been caught off-guard by the COVID-19 crisis. Having to...

April 17, 2020

Using Risk Management strategies to help us effectively Socially Distance

As we start to adapt to our new quarantined life, one of the things that has struck me is how different people have benchmarked what they constitute...

April 10, 2020

Is Zoom just the tip of the iceberg?

From the recently announced privacy issues being investigated by the New York Attorney General at Zoom, all the way back to the Zenefits scandal in...

March 26, 2020

7 Tips to Reduce Risk Stemming from Remote Work

If you have a team working remotely due to the COVID-19 virus you are obviously not alone as we adjust to this new normal way of work.  At present, 1...

March 19, 2020

5 Biggest Mistakes Companies Make in Vendor Risk Management -- and how to avoid them

Vendor Risk Management is a hot topic at the moment and for good reason.  A recent study by the Ponemon Institute showed 59% of companies have...

March 3, 2020

Top 5 Questions (and answers) about Vendor Risk Management

If you missed our recent webinar “Re-thinking Vendor Risk Management” you can listen to it free and on-demand here.  In the webinar we talked about...

February 25, 2020

Checking in on HIPAA in 2020

What do you need to know about HIPAA in 2020? This year, the changes are not so much about HIPAA itself, but about things that directly affect how...

January 28, 2020

Top 10 Considerations for GRC Software Tools

When we talk to customers, prospects and even audit partners, they are often overwhelmed with the choices they have for GRC tools.  There is a lot of...