
OMB M-21-31: Your Complete Guide

Imagine that you work in IT and security for a federal entity. How do you manage your event data across different systems and networks? When something goes wrong, how do you detect, investigate and remediate these security incidents? That is what the Office of Management and Budget (OMB) addresses in M-21-31: a memorandum that sets event-logging requirements for federal agencies so they can increase their visibility and response capabilities before, during and after a cybersecurity incident.

Penetration Testing and Digital Operational Resilience Act (DORA)

In this enlightening discussion with expert Paul Dwyer, we explore the changing landscape of penetration testing within the context of the Digital Operational Resilience Act (DORA). Paul addresses the concern that traditional, snapshot-in-time penetration testing is costly and asks whether DORA will drive organizations towards more regular and ongoing testing to enhance security. The answer is a resounding "yes." DORA includes a dedicated section that mandates various types of tests, ranging from standard assessments to highly specific threat-led penetration testing (TLPT).

Cybersecurity Compliance in the Education Industry: How to Protect Students' Personal Data

The education industry is facing a growing threat from malicious cyberattackers, both external and internal. According to the Cyber Attack Trends report by Check Point Research, the education and research sector suffered 44% more cyberattacks in the first half of 2022 than in the same period in 2021. Cybersecurity in the academic sector is therefore of paramount importance now.

The Consequences of Non-Compliance in Cybersecurity: Risks and Penalties

Non-compliance in cybersecurity is a grave oversight. It means neglecting established security controls and leaving the organization exposed to malicious actors. Read on as we examine the potential risks of non-compliance, including heightened susceptibility to cyberattacks, the likelihood of data breaches, regulatory penalties, and the erosion of a company's hard-earned reputation.

Navigating the AI Maze: Demystifying Artificial Intelligence and Its Misconceptions

In the world of technology, few concepts have captured our collective imagination like Artificial Intelligence (AI). It’s the promise of machines that can think, learn, and perform tasks with a level of sophistication that mimics human intelligence. Yet, the allure of AI has also given rise to a web of confusion, myths, and misunderstandings.

Organizational Resilience: Insights from Paul Dwyer on DORA

Discover the critical components of organizational resilience with expert Paul Dwyer in this enlightening discussion centered around the Digital Operational Resilience Act (DORA). Paul emphasizes the fundamental aspect of resilience, which revolves around rigorous testing, learning from those tests, and implementing improvements. It's about proving that you've not only conducted tests but have also adapted and grown from the experience.

How to Extend Digital Transformation to GRC Strategies

With today’s dynamic cybersecurity threat landscape, governance, risk management, and compliance (GRC) can’t afford to be stuck lagging and playing catch-up. It needs to be leading the pack, ensuring organizations are compliant, protected, communicative, and driving business success.

PCI-DSS 4.0: What's changing and how to prepare

The way we do business continues to evolve, and with it the requirements for remaining compliant evolve as well. PCI-DSS is no exception: PCI-DSS 3.2.1 is retired on 31 March 2024, after which PCI-DSS 4.0 is the only active version of the standard. Many of the changes are incremental on paper, but they can be very impactful for organizations depending on how they previously approached PCI-DSS 3.2.1.

What is ISO 9001? Quality Management System (QMS) Standards

The International Organization for Standardization created ISO 9001 as the reference standard for quality management systems (QMS) worldwide. The current version of the framework is ISO 9001:2015, which highlights the importance of risk-based thinking and decision-making to improve output and product quality. Used by organizations of all sizes and across most major industries, ISO 9001 helps streamline operations and align day-to-day processes with strategic objectives.