Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Responsibilities of a Compliance Manager

Being a compliance manager can sound tedious to a lot of people. When people think about compliance, they often think in terms of checking boxes on audit forms. However, compliance management is more like putting together a puzzle without having the cover picture. Compliance issues come from a variety of regulations and industry standards, often overlapping while sometimes being disconnected.

What is the Primary Objective of Data Security Controls?

Effective information security management requires understanding the primary concepts and principles including protection mechanisms, change control/management, and data classification. However, those terms may feel overwhelming at first leading many businesses to follow compliance requirements blindly without fully understanding whether they effectively secure their systems, networks, and software.

Help stop data leaks with the Forseti External Project Access Scanner

Editor’s note: This is the second post in a series about Forseti Security, an open-source security toolkit for Google Cloud Platform (GCP) environments . In our last post, ClearDATA told us about a serverless alternative to the usual way of deploying Forseti in a dedicated VM. In this post, we learn about Forseti’s new External Project Access Scanner. With data breaches or leaks a common headline, cloud data security is a constant concern for organizations today.

What is Risk Exception

A business wants to hire a vendor. However, this vendor does not meet policy standards and has requested an exception. The question you face is whether or not to approve or deny that exception request. What’s good for business sometimes comes with added risk. In fact, many incidents are the direct result of a policy violation. For risk management, and business needs, maybe the answer isn’t a simple yay or nay but a more nuanced approach.

Top 7 Healthcare Cybersecurity Frameworks

Today, the healthcare industry has become prone to cyber-attacks, just like in any other sector. One notable fact within all those fields is the similarities in existing as well as emerging threats. At the same time, there is an increasing need for organizations to reassure their customers and regulators that their networks and systems have incorporated adequate security measures. One way of achieving this goal includes complying with various recognized security standards and frameworks.

CISOs Ultimate Guide For Top 30 Security Control Frameworks - 2019

Companies in highly regulated industries are forced to adopt one or more frameworks in order to meet compliance initiatives. There are over 200 security frameworks, regulations, standards and guidelines to choose from that could impact your business at any given time. In no particular order, below are the top security controls frameworks that are pervasive throughout our security industry along with some unique facts about each framework.