Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

New SEC cybersecurity rules: Five things every public company CISO should do now

By now you’ve heard about the new cybersecurity rules from the U.S. Securities and Exchange Commission (SEC) requiring public companies to report material cybersecurity incidents and disclose critical information related to cybersecurity risk management, expertise, and governance. Companies will be required to disclose risks in their annual reports beginning on December 15, 2023.

AI's Role in the Next Financial Crisis: A Warning from SEC Chair Gary Gensler

TL;DR - The future of finance is intertwined with artificial intelligence (AI), and according to SEC Chair Gary Gensler, it's not all positive. In fact, Gensler warns in a 2020 paper —when he was still at MIT—that AI could be at the heart of the next financial crisis, and regulators might be powerless to prevent it. AI's Black Box Dilemma: AI-powered "black box" trading algorithms are a significant concern.

Teleport Achieves ISO 27001, HIPAA, and SOC 2 Compliance Milestones

We're thrilled to announce that Teleport has recently achieved critical compliance milestones, marking another significant step forward in our commitment to providing highly secure and reliable cloud-based services. We are pleased to inform you that Teleport has successfully achieved ISO 27001 certification, is now HIPAA compliant, and has also expanded our SOC 2 report coverage with the addition of Confidentiality and Availability trust service criteria.

Shared Responsibility Model: Breakdown & Best Practices

There is a widespread misunderstanding regarding cloud services, particularly in relation to Software as a Service (SaaS). Many organizations mistakenly believe that once they migrate to the cloud, the responsibility for all aspects of security and data protection rests solely with the SaaS provider. This misconception creates a false sense of security, which can be detrimental.

Impact of Cyber Attacks on Small Businesses

Your business is at high risk if you have no security measures. A cyber attack can cause devastating financial damage to your business, including legal liabilities. Cyberattacks can result in lasting adverse repercussions on the reputation of your network security, as clients and customers can lose faith in your business if their personal data gets leaked.

What is a SOC 2 Report? With Examples + Template

You’re facing a SOC 2 audit, and you don’t quite know what to expect or how to prepare for it. Although an independent auditor will inspect your company’s IT security program, you’re not entirely sure what information the resulting report may contain. To get fully prepared, it can be helpful to look at some real-life SOC 2 audit report examples. In the following article, we’ll look at a few sample SOC 2 reports, but first, let’s address the obvious question.

TrustCloud Launches TrustHQ for Slack, to enable Slack-first Trust Workflows for GRC and Sales teams

TrustHQ™ turns Slack into the central hub for employees, GRC and sales teams to prioritize, track and complete critical internal and customer-facing trust-related tasks in a shared digital space.

Our approach to ticketing and automation

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, and Compliance Teams to learn about the team’s approach to keeping Vanta secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations.