%term

Shared Responsibility Model: Breakdown & Best Practices

Aug 11, 2023 By Michael Marrano In TrustCloud

There is a widespread misunderstanding regarding cloud services, particularly in relation to Software as a Service (SaaS). Many organizations mistakenly believe that once they migrate to the cloud, the responsibility for all aspects of security and data protection rests solely with the SaaS provider. This misconception creates a false sense of security, which can be detrimental.

Read Post

TrustCloud

Read more about Shared Responsibility Model: Breakdown & Best Practices

ISO 27001 Compliance for SaaS | SOC2 vs ISO | Girish Redekar (CEO & Co-Founder, Sprinto)

Aug 10, 2023 By Indusface In Indusface

Overview: In this podcast, Girish Redekar (CEO and Co-Founder, Sprinto), shares with Venky the most effective ways to implement the ISO 27001 framework for organizations to attain comprehensive security, rather than solely obtaining a certification. He also discusses similarities & differences between SOC2 and ISO 27001, and suggests that organizations can streamline their security program to achieve multiple certifications more efficiently.

View Video

Indusface

Read more about ISO 27001 Compliance for SaaS | SOC2 vs ISO | Girish Redekar (CEO & Co-Founder, Sprinto)

GDPR Compliance Audit - Evaluating Your Data Protection Practices

Aug 10, 2023 By VISTA InfoSec In VISTA InfoSec

The GDPR is a regulation established by the European Union to provide guidelines for the collection and processing of personal data within the EU. A GDPR compliance audit is an independent and systematic evaluation of an organization’s adherence to these guidelines. The goal of such an audit is to help organizations meet their obligations under the GDPR and identify areas for improvement.

View Video

VISTA InfoSec

Read more about GDPR Compliance Audit - Evaluating Your Data Protection Practices

Impact of Cyber Attacks on Small Businesses

Aug 8, 2023 By Ronak Patel In VISTA InfoSec

Your business is at high risk if you have no security measures. A cyber attack can cause devastating financial damage to your business, including legal liabilities. Cyberattacks can result in lasting adverse repercussions on the reputation of your network security, as clients and customers can lose faith in your business if their personal data gets leaked.

Read Post

VISTA InfoSec

Read more about Impact of Cyber Attacks on Small Businesses

TrustCloud Launches TrustHQ for Slack, to enable Slack-first Trust Workflows for GRC and Sales teams

Aug 3, 2023 By TrustCloud In TrustCloud

TrustHQ™ turns Slack into the central hub for employees, GRC and sales teams to prioritize, track and complete critical internal and customer-facing trust-related tasks in a shared digital space.

Read Post

TrustCloud

Read more about TrustCloud Launches TrustHQ for Slack, to enable Slack-first Trust Workflows for GRC and Sales teams

Our approach to ticketing and automation

Aug 3, 2023 By Vanta In Vanta

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, and Compliance Teams to learn about the team’s approach to keeping Vanta secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations.

Read Post

Vanta

Read more about Our approach to ticketing and automation

New SEC Cyber Requirements Unite Security Leaders and Business Stakeholders

Aug 3, 2023 By Kovrr In Kovrr

It all started with a statement from the US Securities and Exchange Commission’s (SEC) Jaime Lizárraga. The commissioner revealed that a staggering 83% of companies suffered from multiple data breaches last year, with an average expense of $9.44 million in the United States— a dramatic increase of 600% over the past ten years.

Read Post

Kovrr

Read more about New SEC Cyber Requirements Unite Security Leaders and Business Stakeholders

Why Independent Benchmarking Data is a Critical Part of SEC Cybersecurity Disclosure Strategy

Aug 3, 2023 By Jake Olcott In BitSight

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) voted to adopt new cybersecurity requirements for publicly traded companies. These regulations create new obligations for reporting material cybersecurity incidents and disclosing critical information related to cybersecurity risk management, expertise, and governance. Companies will be required to disclose risks in their annual reports beginning on December 15, 2023.

Read Post

BitSight

Read more about Why Independent Benchmarking Data is a Critical Part of SEC Cybersecurity Disclosure Strategy

Automating insight into SEC cybersecurity filings with Elastic

Aug 3, 2023 By Anthony Scarfe In Elastic

The Securities and Exchange Commission (SEC) adopted new rules last week that require companies listed on the US Stock Exchange to disclose any material cybersecurity incidents. In addition to reporting incidents, companies are also required to describe their approach to cybersecurity risk management, strategy, and governance on an annual basis.

Read Post

Elastic

Read more about Automating insight into SEC cybersecurity filings with Elastic

New SEC cybersecurity rules put more onus on the CISO, not so much on directors

Aug 3, 2023 By Myke Lyons In Snyk

With the SEC's adoption of new rules on cybersecurity risk management, strategy, governance, and incident disclosure by public companies, one thing is clear: better definitions are required.

Read Post