Compliance

How to Fulfill Multiple Compliance Objectives Using the CIS Controls

Jan 18, 2022 By David Bisson In Tripwire

Earlier this year, I wrote about what’s new in Version 8 of the Center for Internet Security’s Critical Security Controls (CIS Controls). An international consortium of security professionals first created the CIS Controls back in 2008. Since then, the security community has continued to update the CIS Controls to keep pace with the evolution of technology ecosystems and emerging threat vectors—all the way to Version 8 and the 18 Controls contained therein.

Read Post

Tripwire

Read more about How to Fulfill Multiple Compliance Objectives Using the CIS Controls

California Consumer Privacy Act (CCPA) Compliance: What you need to know to be compliant

Jan 17, 2022 By Editor In Cyphere

The California consumer privacy act (CCPA) is a law that was passed in 2018, and it is in effect from January 1st 2020. The California attorney general’s office has not taken any enforcement action against firms that did not meet the standards until July 1st 2020. A lot of people are unsure about what this new law means for them. Like the GDPR, there are significant penalties for non-CCPA compliance and potential loss of consumer loyalty.

Read Post

Cyphere

Read more about California Consumer Privacy Act (CCPA) Compliance: What you need to know to be compliant

SSH Bastion Host Best Practices

Jan 13, 2022 By Sakshyam Shah In Teleport

SSH bastion hosts are an indispensable security enforcement stack for secure infrastructure access. Every security compliance standard that deals with remote infrastructure access (e.g., FedRAMP AC-17 - Remote Access, HIPAA §164.312(a)(1) - Access control, SOC2 CC6.1 - Manage Points of Access) mandates preventing direct network access to the servers and APIs.

Read Post

Teleport

Read more about SSH Bastion Host Best Practices

What is Compliance Management in Cybersecurity?

Jan 13, 2022 By Edward Kost In UpGuard

Compliance management is the process of ensuring all workflow, internal policies and IT initiatives align with specific industry cybersecurity regulations. This effort is ongoing since the digital attack surface is always expanding.

Read Post

UpGuard

Read more about What is Compliance Management in Cybersecurity?

PCI DSS Compliance Check List & Best Practices You Should Be Knowing

Jan 12, 2022 By VISTA InfoSec In VISTA InfoSec

PCI DSS can be very challenging for businesses to achieve, especially when they have limited resources to get things in place. Moreover, understanding the requirements and implementing measures to meet the 12 PCI DSS requirement is altogether a different challenge. Businesses need to consider many aspects when undergoing an Audit and ensuring it is a success. Achieving PCI DSS Compliance requires establishing, updating, and constantly reviewing policies, procedures, and processes. This in turn ensures securing of sensitive data and IT Infrastructure.

View Video

VISTA InfoSec

Read more about PCI DSS Compliance Check List & Best Practices You Should Be Knowing

Riscosity Value Proposition

Jan 11, 2022 By Riscosity In Riscosity

Riscosity brings a myriad of benefits for by various groups inside an enterprise. Close larger dollar value deals faster by responding to customer security concerns and demonstrating complete knowledge of your own digital supply chain.

View Video

Riscosity

Read more about Riscosity Value Proposition

Riscosity - How does the solution work

Jan 11, 2022 By Riscosity In Riscosity

Riscosity scans the enterprise source code repositories and creates an automated online vendor catalog in minutes.

View Video

Riscosity

Read more about Riscosity - How does the solution work

Riscosity - Securing The Digital Supply Chain - Thought Leaders - Ep. 1

Jan 11, 2022 By Riscosity In Riscosity

In this episode of Securing the Digital Supply Chain Anirban Banerjee , CEO and co-founder of Riscosity talks to Atif Yusuf and Ravi Gunturi, two well known security leaders in the San Francisco Bay Area. Note - all opinions expressed here belong to the individuals only.

View Video

Riscosity

Read more about Riscosity - Securing The Digital Supply Chain - Thought Leaders - Ep. 1

Understanding Monetary Authority of Singapore's (MAS) Guidance: Safeguarding Your Financial Institution's Cloud Environment

Jan 10, 2022 By Don Tan In Lookout

As a major financial hub in Asia and globally, Singapore is very aware of the challenges facing the financial industry, especially the accelerated digital transformation that stemmed from the COVID-19 pandemic. In response to the sector’s increased exposure to cloud technology, the Monetary Authority of Singapore (MAS) has released a guideline to address cybersecurity risks associated with the adoption of public clouds.

Read Post

Lookout

Read more about Understanding Monetary Authority of Singapore's (MAS) Guidance: Safeguarding Your Financial Institution's Cloud Environment

CMMC 2.0 Level 1 & 2 Assessment Guidance

Jan 10, 2022 By Ignyte Team In Ignyte

Aaron McCray, Ignyte’s Chief Operating Officer, is giving a brief overview of the changes to CMMC 2.0, and more specifically its Practice levels vs Maturity levels in the video below. Aaron is a commercial risk management leader by trade and a Commander in the U.S. Navy Reserves.

Read Post