Category: Risk Assessments

HHS CPG Checklist Feature - Orange monotone image of a medical professional

HHS Cybersecurity Performance Goals: Context and 2 Comprehensive Checklists

Framework Assessments, Risk Assessments, Security StandardsOctober 22, 2024

Few pieces of data are as intimate and private as health records. Because of the sensitive nature of the data,…

Read post

Two men on scaffolding doing construction on a building. Representing cybersecurity frameworks like NIST CSF 2.0.

NIST CSF 2.0: Noteworthy Updates in the New Version

Framework Assessments, Information Security, News, Risk Assessments, Security StandardsSeptember 13, 2023

On August 8, 2023, NIST published the initial public draft for version 2.0 of its Cybersecurity Framework (NIST CSF 2.0).…

Read post

Network Security Audits vs. Security Risk Assessments

Audit Prep, Information Security, Risk AssessmentsDecember 16, 2022

Due to a lack of a common language in the security world, it’s easy to get confused and overwhelmed. Considering…

Read post

FTC Safeguards Rule: What you Need to Know

Information Security, News, Penetration Testing, Risk Assessments, vCISOJune 23, 2022

What is the FTC Safeguards Rule? Initially established in 2003, the FTC Safeguards Rule outlines data security guidelines for organizations…

Read post

vCISO Engagements After Acceptable Risk Assessment Scores

vCISO, C-Suite, Culture, Incident Response, Risk AssessmentsJune 24, 2020

When your organization reaches a risk assessment score threshold it finds acceptable, that’s not the time to take your foot…

Read post

parts manufacturing for the department of defense and cmmc compliance

What We Know About the CMMC So Far

Audit Prep, C-Suite, Framework Assessments, Risk Assessments, Security StandardsFebruary 19, 2020

If you’re a contractor for the DOD, the CMMC needs to be on your radar. Security requirements will be built…

Read post

10 Characteristics of Companies that Avoid Cyber Security Incidents

10 Traits of Companies that Avoid Cyber Incidents

Information Security, C-Suite, Culture, Framework Assessments, Incident Response, Risk Assessments, Security Breaches, Security StandardsSeptember 20, 2019

You can’t prevent all security incidents from happening, but businesses that avoid many of them tend to have commonalities. Here…

Read post

Manufacturing Cybersecurity Defenses Against Cyberteurs

Information Security, Risk Assessments, Security Breaches, Security StandardsOctober 11, 2018

Manufacturing businesses are uniquely vulnerable to attackers. Their business models are hyper-affected by potential breaches. Take a look at how…

Read post

Using a Common Language to Reach Non-Security People

Information Security, Personal Security, Risk AssessmentsJune 12, 2018

In the brokenness of the information security industry, our inability to communicate effectively stands out above the rest as one…

Read post

Not If, But When: Security Incident Classification

Incident Response, Risk AssessmentsFebruary 15, 2018

Information security incidents are unavoidable. It’s important to learn how to respond effectively to and manage an incident that does…

Read post

An Information Security Expert’s Take On The Equifax Breach

Security Breaches, Framework Assessments, Incident Response, Information Security, Risk AssessmentsSeptember 14, 2017

Logically, we approach investigations holistically from four different perspectives; the company itself, what was in place for prevention, what was…

Read post

Information Security Life Cycle, not Information Security Projects

Information Security, Audit Prep, Framework Assessments, Risk AssessmentsSeptember 12, 2017

Information security is a living, breathing process that’s ongoing, it’s a life cycle. Without a life-cycle approach to information security…

Read post