Ostendio Blog

Many larger companies, and some medium sized companies, have a focused CISO with a great IT team who have all worked hard to establish a data...

Thinking about cybersecurity is a full time, 365 day-a-year job at Ostendio but for many it comes to mind most during October when the National...

If you’ve recently built a data security and risk management program and passed a security audit, you’ve accomplished more than many organizations. ...

The first step in any process is often the hardest. Realizing that you need to take action is just the beginning, deciding what action to take is...

As a CISO, you’ve spent time deciding on the best platform to suit your data security and risk management needs and you are ready for the...

When it is time to prepare for your first audit you might be filled with dread.  How are you going to get through the audit? Will your employees or...

It feels great to get to the point where you have built a cybersecurity program for your business. As a CISO you got the executive buy-in, everyone...

Even before the COVID-19 pandemic took hold, too many organizations were not looking at a broad enough approach to cybersecurity as they evaluated...

We might not be surprised when we read about another data breach but it does turn heads when it is a well-known brand like Twitter.  Recent reports...

The typical company significantly under invests in cyber security, a situation that is likely to be exacerbated as companies look to cut expenses...

Security and Risk Management can be complicated. Predicting what might happen to your business and preparing to protect and mitigate against those...

We have learnt a lot in the last year since we launched the successful MyVCM CrossWalk Assessment feature, an addition to the industry leading ...

The California Consumer Privacy Act (CCPA) went into effect on January 1st 2020 but there are stages to its enforcement and we are about to hit...

It is hard to believe it has been a year since we launched MyVCM CrossWalk Assessments. This new feature radically changed the way companies...

Security certifications are a must for vendors and technology firms. Many organizations choose SOC 2 as a way of demonstrating effective risk...

CIOs have mostly ridden out the remote work surge caused by COVID-19.  The employees who can work remotely are now safely settled in their home...

May 2020 marks the second year that GDPR has been in effect and we have already seen some significant fines totalling over $126 million.  Google has...

How is your business showing compliance to operational and business risks during these uncertain times? Many companies turn to the popular SOC report...

During these difficult times it is understandable that organizations may be looking for creative ways to cut costs or gain efficiency.  While...

We are all getting used to our new “normal” but many businesses, both big and small, have been caught off-guard by the COVID-19 crisis. Having to...

As we start to adapt to our new quarantined life, one of the things that has struck me is how different people have benchmarked what they constitute...

From the recently announced privacy issues being investigated by the New York Attorney General at Zoom, all the way back to the Zenefits scandal in...

If you have a team working remotely due to the COVID-19 virus you are obviously not alone as we adjust to this new normal way of work.  At present, 1...

Vendor Risk Management is a hot topic at the moment and for good reason.  A recent study by the Ponemon Institute showed 59% of companies have...

If you missed our recent webinar “Re-thinking Vendor Risk Management” you can listen to it free and on-demand here.  In the webinar we talked about...

What do you need to know about HIPAA in 2020? This year, the changes are not so much about HIPAA itself, but about things that directly affect how...

When we talk to customers, prospects and even audit partners, they are often overwhelmed with the choices they have for GRC tools.  There is a lot of...