The Australian Cyber and Infrastructure Security Centre (CISC) recently announced that the Critical Infrastructure Risk Management Program (CIRMP) obligation had entered into effect. The Minister for Home Affairs, the Hon Clare O’Neil, signed the CIRMP Rules as the final part (Section 61) of the Security of Critical Infrastructure Act 2018 (SOCI Act) on 17 February 2023, effective immediately.
Before the digitalization of healthcare records, it was easier to keep the information secure and private. Records were in physical form and could be protected in many ways. Now that people can pull up their entire health histories with the press of a few buttons, things are very different. With the information now being stored and processed online, the threat and risk exposures are equally high. So, to address such threats the U.S.
With growing volumes of personal data being collected, analyzed, shared and stored, there is more expectation than ever on businesses to ensure privacy for their employees, clients and wider supply chain. The digital age has streamlined ways of working, improved the targeting and personalization of services and communications and made detailed information available at the touch of a screen. But personal data is exactly that – personal.
As organizations grow in size and complexity, so do their security and compliance needs. While Vanta's library of controls and supported frameworks is extensive, eventually you may wish to use your internal expertise to build a framework Vanta doesn't support or create custom controls. Today we are excited to introduce custom frameworks and enhancements to custom controls to help you improve your workflows, organize your security commitments, and manage your work at scale.
SOC 2 and ISO 27001 are compliance frameworks commonly required of organizations that house data or store sensitive information. Both standards focus on information security management, but they have some key differences in their approach and scope. Let’s take a closer look at the differences between SOC 2 and ISO 27001, and see if one or both are right for your organization.
Out of his 29 years of cloud and security experience, Mick has been with Robin for 6, leading their internal compliance operations and making sure that their customers’ data is secure. Robin needed to get SOC 2. They also wanted a way to answer security questionnaires faster. Continue on to see how Mick was able to accomplish both.