[5 min read] To the busy CISO, it might seem like implementing a GRC (Governance, Risk and Compliance) tool will be an easy way to create and manage...
[5 min read] Is the AICPA asleep at the wheel? More and more tech companies are seeking to demonstrate their security posture by undertaking a SOC 2...
[5 min read] Vendor Risk management is a hot topic especially when you realize that many of the most high-profile data breaches are due to vendors or...
[3 min read] It is amazing to think about how much data we all create these days. With so many employees working remotely, and the rise in the number...
[4 min read] We all know how hectic the life of a CISO can be regardless of the size of business they support or the industry they are involved in. ...
[4 min read] Late last year we wrote a blog that looked at Risk Management and Data Security and suggested what you might do differently as we headed...
[4 min read] There’s one thing that you can count on in the news right now and that’s another report of a data breach or ransomware attack. They seem...
[4 min read] 5 Key features you need that a traditional GRC provider doesn’t offer When we talk to customers, prospects and even audit partners, they...
[4 min read] A recent article in SecureWorld “Lessons from 2020, and what to expect in 2021: An evolutionary time in cyber and privacy” looks back at...
If you’ve recently built a data security and risk management program and passed a security audit, you’ve accomplished more than many organizations. ...
How is your business showing compliance to operational and business risks during these uncertain times? Many companies turn to the popular SOC report...
As we start to adapt to our new quarantined life, one of the things that has struck me is how different people have benchmarked what they constitute...
If you have a team working remotely due to the COVID-19 virus you are obviously not alone as we adjust to this new normal way of work. At present, 1...
When we talk to customers, prospects and even audit partners, they are often overwhelmed with the choices they have for GRC tools. There is a lot of...
There’s an inherent risk to doing business, particularly business that touches personal data. For years now, the business community – from healthcare...
In case you are new to the world of cybersecurity and are struggling to learn or understand some of the new terms you are hearing, don’t worry, we’re...
Are you always on the look out for the best InfoSec conferences to attend? We've found several helpful resources to point you in the right direction,...
As a proponent of ISO 27000 series of standards I was delighted to see the International Organization for Standardization release ISO/IEC 27018:2014...