Breach Disclosure

How To Handle Breach Disclosure The Right Way

It’s not a matter of IF your organization will be breached but WHEN. How your organization handles its response to a breach (known as Incident Response) makes a HUGE difference. Here are a few examples of breach disclosure done the right way.
HITRUST 101

HITRUST 101: Assessment Content, Part 3

A high-level overview of HITRUST Domains 11-15, what to expect to be tested on, and what you can do to best prepare your program for HITRUST Certification.
HITRUST 101

HITRUST 101: Assessment Content, Part 2

A high-level overview of HITRUST Domains 6-10, what to expect to be tested on, and what you can do to best prepare your program for HITRUST Certification.
Information Security News Roundup: October 2017

A summary of important current events in the Information Security world from the month of October that you should know about.
HITRUST 101

HITRUST 101: Assessment Content, Part 1

A high-level overview of HITRUST Domains 1-5, what to expect to be tested on, and what you can do to best prepare your organization for HITRUST Certification.
Information Security News Roundup: September 2017

A summary of important current events in the Information Security world that you should know about.
Business impact analysis

Prepare for Impact: Why you should perform a Business Impact Analysis.

When a true disaster occurs we need to understand which systems are the most critical to continuing and restoring business operations. This is where performing a Business Impact Analysis (BIA) is essential.
BCP vs DRP

Why a Business Continuity Plan is Essential to Disaster Recovery.

So where IS the line differentiating between a Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP)? The fact is, there is a lot of overlap between the two terms; however, there are significant differences as well.
HITRUST 101: Is HITRUST Right for You?

In the last HITRUST 101 post, we examined the scoring methodology for a HITRUST assessment. In this post, we will go back to basics and take a deep dive into the why of HITRUST and determine if it is something that your organization should pursue.
Chief Security Officer Foundation

What Makes a Good Chief Security Officer?

The news from Equifax on Friday (9/15) states “the Chief Information Officer and Chief Security Officer are retiring”. Somebody’s got to pay, and here are your first two scapegoats. Will it stop with these two, or is the CEO’s (Richard Smith) job at risk too? We can only speculate. I’m more interested in answering the question: what makes a good CSO/CISO or a good information security professional/expert?

Information Security: How I Went from Training? To Training! ...And you can too!

It started out so innocently, as most relationships do. A request for a disaster recovery plan. It didn't seem like she was asking too much - after all, it was just after 9/11 and we were responsible for sending out very important daily communications…