Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management

The Best Ways to Maintain PCI Compliance

Congratulations, you have achieved PCI compliance! Now comes the hard part, staying compliant. Remember, it was a great deal of work to get your environment where it needed to be for the Payment Card Industry Data Security Standard (PCI DSS). Organizations spend a fair amount of money getting systems, networks, and people exactly where they need to be for cardholder data protection.

Healthcare A Growing Cyber Sickness

Healthcare data breach statistics clearly show there has been an upward trend in data breaches over the past few years, with 2019 seeing more data breaches reported than any other year According to Black Book Market Research, 96% of IT professionals believe cyber-attackers are outpacing the security capabilities of medical organizations. As a result, organizations must implement healthcare data security solutions that will improve patient care while protecting important assets. Schedule a demo today, and stay cyber assured.
Featured Post

The Relationship Between Risk Management and Process Improvement

In today's highly competitive world, businesses need to adjust to changes quickly. Any change in organizational structure, customer preference, competitor strategy, regulatory requirements all pose uncertainties to a company. If you want to remain ahead of the curve, you need to adopt a risk management plan and focus on the continuous improvement of your processes.

What is HECVAT (Higher Education Community Vendor Assessment Toolkit)?

The Higher Education Community Vendor Assessment Tool (HECVAT) is a security assessment template that attempts to generalize higher education information security and data protection questions and issues regarding cloud services for consistency and ease of use. HECVAT has various versions that are free to use and provide a consistent, streamlined third-party risk assessment framework.

Why vendor management is a cornerstone of security

When it comes to building a security program, one of the most frequently overlooked areas is that of vendor management. Organizations focus significant resources on internal security, such as vulnerability scans, centralized log management, or user training, while not extending the same diligence towards their third-parties. Organizations end up trusting the security of their network and data to an unknown and untested third-party. As we all know, a chain is only as strong as its weakest link.

Why You Need a Vendor Risk Management Policy

A formal, written vendor or third-party risk management policy is the first step in developing your vendor risk management program, and essential to that program’s success. Vendor risk management encompasses third-party risks as well as that of your vendors’ vendors — fourth-party risks — and is an important component of any cybersecurity program.

CCPA Exemptions: The California Consumer Privacy Act and the Gramm-Leach-Bliley Act

A change is coming for privacy protection. Are you ready? For the past twenty years, most financial services businesses fell under the requirements of the Gramm-Leach-Bliley Act (GLB Act or GLBA). This law federally governed the collection and disclosure of customers’ personal financial information. However, on January 1st, 2020, a new privacy rule—the California Consumer Privacy Act (CCPA)—wentis going into effect.