Spending on security and risk management is soaring worldwide. But exactly which improvements should you focus on next to best strengthen your cybersecurity program?
For many organizations,...
Compliance
October 21, 2021
The General Data Protection Regulation (GDPR) is designed to protect the personal data of EU residents by regulating how that information is collected, stored, processed and destroyed. The data...
Compliance
September 16, 2021
What is the California Privacy Rights Act (CPRA)?
The California Privacy Rights Act (CPRA) is an extension of the 2018 California Consumer Privacy Act (CCPA). The goal of both laws is to enhance the...
Compliance
August 13, 2021
What is SOX compliance?
After several large corporate accounting scandals in the early 2000s that led to investors losing billions of dollars, the US government passed the Sarbanes-Oxley Act of 2002....
Following a string of 83 data breaches in 2019 alone, the United States Department of Defense (DoD) established the Cybersecurity Maturity Model Certification (CMMC). The CMMC framework is a unified...
Infrastructure
May 5, 2021
A security information and event management (SIEM) tool can be a valuable component of a mature security strategy. Indeed, effective SIEM solutions have been available for well over a...
Compliance
March 24, 2021
With cyber threats rapidly evolving and data volumes expanding exponentially, many organizations are struggling to ensure proper security. Implementing a solid cybersecurity framework (CSF) can help...
Compliance
March 17, 2021
It should come as no surprise that the U.S. federal government takes cybersecurity quite seriously. After all, federal agencies manage massive stores of sensitive data, including information...
The NIST 800-53 standard offers solid guidance for how organizations should select and maintain customized security and privacy controls for their information systems. NIST SP 800-53 Revision 5 is...
Compliance
January 20, 2021
ISO/IEC 27001 is a set of international standards developed to guide information security. Its component standards, such as ISO/IEC 27001:2013, are designed to help organizations implement, maintain...