Compliance

Risk Registers: The Ultimate Guide with Examples & Template

Effectively utilizing a risk register allows your organization to anticipate and overcome challenges with confidence. No GRC program is failproof, which is why it’s so critical to take a thorough look at potential risks and remediations. To make sure you’re starting on the right foot, we’ve provided a free, downloadable risk register template you can use once you have a better understanding of what it does.

Why Is CMMC a Big Deal?

The Cybersecurity Maturity Model Certification (CMMC) has been around for a few years, and in its short tenure it has itself matured. The current version of the CMMC is 2.0, released in November 2021. In the latest version of the model, the original five-level hierarchy was collapsed into three distinct levels: Foundational, Advanced, and Expert.

How to Make the Business Case for ISO 27001 Compliance

As a CIO at a mid-sized company, I faced a new challenge when vendors asked for more specifics about our information security and the protocols we have in place to safeguard our sensitive data. Naturally, those questions were directed toward the IT team (and were phrased in ISO 27001 terminology), which was initially challenging because we had limited knowledge of that particular standard.

HIPAA and Incident Response: How to Manage Security Incidents in a HIPAA-Compliant Environment.

Watch our webinar on “HIPAA and Incident Response: How to Manage Security Incidents in a HIPAA-Compliant Environment” for an amazing opportunity to learn about HIPAA and incident response in a HIPAA-compliant environment! VISTA InfoSec presents this informative session for organizations striving to achieve HIPAA compliance and enhance their incident response capabilities.

Webinar How Does NIST 800 171 R3 Impact Your CMMC Plans

Let’s avoid confusion and not lose focus. While NIST recently announced revision 3 of 800-171, its impact on government contractors and subs won’t be felt for years. DFARS 252.204-7012 requires compliance with Revision 2 now. SPRS scores (which can now be considered by the government when making contract awards) are based on Revision 2, and CMMC assessments, which will soon be required, are also based on Revision 2.

TrustCloud Releases World's First Free Security Questionnaire Tool and Compliance Sharing Portal for Startups

TrustShare™ application includes AI-powered security questionnaire responses and a dynamic compliance portal, so startups can pass security reviews and win crucial enterprise deals.