The Trusted Information Security Assessment Exchange (TISAX) is the certification process for engaging in the Verband der Automobilindustrie (VDA), the German Association of the Automotive Industry, Information Security Assessment (ISA). The ENX Association, a collection of automobile manufacturers, suppliers, and four national automotive associations, established TISAX to create an overarching industry standard and make reporting more efficient.

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the team’s approach to keeping Vanta secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations.

By now you’ve heard about the new cybersecurity rules from the U.S. Securities and Exchange Commission (SEC) requiring public companies to report material cybersecurity incidents and disclose critical information related to cybersecurity risk management, expertise, and governance. Companies will be required to disclose risks in their annual reports beginning on December 15, 2023.

TL;DR - The future of finance is intertwined with artificial intelligence (AI), and according to SEC Chair Gary Gensler, it's not all positive. In fact, Gensler warns in a 2020 paper —when he was still at MIT—that AI could be at the heart of the next financial crisis, and regulators might be powerless to prevent it. AI's Black Box Dilemma: AI-powered "black box" trading algorithms are a significant concern.

In July, we released Private Integrations which allow you to connect any app to Vanta, plus 30 new integrations, additional customization for pre-built Vanta content, and more: ‍ ‍ ‍

We're thrilled to announce that Teleport has recently achieved critical compliance milestones, marking another significant step forward in our commitment to providing highly secure and reliable cloud-based services. We are pleased to inform you that Teleport has successfully achieved ISO 27001 certification, is now HIPAA compliant, and has also expanded our SOC 2 report coverage with the addition of Confidentiality and Availability trust service criteria.

There is a widespread misunderstanding regarding cloud services, particularly in relation to Software as a Service (SaaS). Many organizations mistakenly believe that once they migrate to the cloud, the responsibility for all aspects of security and data protection rests solely with the SaaS provider. This misconception creates a false sense of security, which can be detrimental.

Your business is at high risk if you have no security measures. A cyber attack can cause devastating financial damage to your business, including legal liabilities. Cyberattacks can result in lasting adverse repercussions on the reputation of your network security, as clients and customers can lose faith in your business if their personal data gets leaked.

As expected, the Securities and Exchange Commission adopted new rules today requiring publicly traded companies to make more disclosures about the cyber risks they have and the specific cyber attacks they suffer.