%term

Strategies For Vendor Third Party Risk Management

Mar 4, 2022 By VISTA InfoSec In VISTA InfoSec

Vendor Third-Party Risk Management is an essential part of most regulatory and compliance programs. Tracking and monitoring vendor risk are important as it helps businesses make critical business decisions and mitigate risk from time to time. As organizations mostly outsource some parts of their operations to vendors or third-party service providers, it has become mandatory in certain standards and regulations to establish Vendor third-party risk management as a part of the compliance process.

View Video

VISTA InfoSec

Read more about Strategies For Vendor Third Party Risk Management

Cybersecurity at the Tactical Level: The Importance of StateRAMP

Mar 3, 2022 By Tony D'Angelo In Lookout

Here in the United States, we often focus on the cybersecurity readiness of the federal government. The reality is that state and local government departments are just as, if not more vulnerable to cyber attacks. Nearly one quarter of their employees use personal devices for work, where security teams have little visibility, enabling threat actors to execute phishing and other malicious activities. These risks will only continue to grow as in-person services continue remotely.

Read Post

Lookout

Read more about Cybersecurity at the Tactical Level: The Importance of StateRAMP

CrowdStrike Store - Falcon FileVantage

Mar 3, 2022 By CrowdStrike In CrowdStrike

In this video, we will demonstrate how Falcon FileVantage provides robust file integrity monitoring delivers the streamlined, central visibility that organizations need to identify and prioritize any changes while satisfying compliance requirements.

View Video

CrowdStrike

Read more about CrowdStrike Store - Falcon FileVantage

Using Log Management for Compliance

Mar 3, 2022 By Jeff Darrington In Graylog

It’s that time of the year again. The annual and dreaded IT and security audit is ramping up. You just received the documentation list and need to pull everything together. You have too much real work to do, but you need to prove your compliance posture to this outsider. Using log management for compliance monitoring and documentation can make audits less stressful and time-consuming.

Read Post

Graylog

Read more about Using Log Management for Compliance

Securing cloud infrastructure for PCI review

Mar 2, 2022 By DeveloperSteve In Snyk

The PCI certification process is quite comprehensive and relates to infrastructure, software and employee access to systems, in particular to datasets and the way that they are accessed. These checks are critical not only to the wider payments industry but also to create a level of trust with users knowing their data is protected. The PCI compliance process is a number of checks, usually by an accredited third party, to ensure that secure data handling processes are in place.

Read Post

Snyk

Read more about Securing cloud infrastructure for PCI review

CMMC Town Hall With Bill Walter, DHG & Eric Crusius, Holland & Knight | 3/2/22 | NeoSystems

Mar 2, 2022 By NeoSystems In NeoSystems

NeoSystems CMMC Town Hall Series: Join NeoSystems’ Chief Information Security Officer, Ed Bassett, for our weekly CMMC Town Hall designed for the Defense Industrial Base and GovCon community. Each session features special guests and offers an opportunity for attendees to ask questions regarding CMMC and cybersecurity. Topics covered include CMMC compliance requirements, how to prepare for CMMC certification, and the latest updates from the CMMC AB.

View Video

NeoSystems

Read more about CMMC Town Hall With Bill Walter, DHG & Eric Crusius, Holland & Knight | 3/2/22 | NeoSystems

The data ditch: a toolkit to identify and escape it

Mar 2, 2022 By Calligo In Calligo

The dreaded data ditch. You might not even know your organization is stuck in it – the company might still be acting on gut feel as opposed to relying on data, the data you have might be ungoverned and inaccurate, or you’re waiting weeks, even months, for your teams to glean useful insights. You’re not alone. Data leaders like yourself keep falling into the data ditch.

Read Post

Calligo

Read more about The data ditch: a toolkit to identify and escape it

Monitor the security and compliance posture of your Azure environment with Datadog

Feb 28, 2022 By Hugo Delaby In Datadog

Governance, risk, and compliance (GRC) management presents some unique challenges for organizations that deploy a myriad of cloud resources, services, and accounts. Simple misconfigurations in any of these assets can lead to a serious data breach, and compliance issues become even more prevalent as organizations try to inventory and manage assets across multiple cloud platforms and security and auditing tools.

Read Post

Datadog

Read more about Monitor the security and compliance posture of your Azure environment with Datadog

Securing the Digital Supply Chain Ep 8 - Terence Jackson CISO, SLG, Microsoft

Feb 26, 2022 By Riscosity In Riscosity

In this episode of Securing the Digital Supply Chain we talk with terence Jackson, CISO at Microsoft for State and Local Government customers! We have a great time talking about the trends in the Software Supply Chain area as well what can CISOs focus on to get quick wins for their organizations. Terence brings a wealth of experience from small to medium scale to large enterprise organizations and applies them to various security challenges to effectively solve them.

View Video

Riscosity

Read more about Securing the Digital Supply Chain Ep 8 - Terence Jackson CISO, SLG, Microsoft

Newly Proposed Rules from the SEC Mean New Requirements for the Financial Industry

Feb 25, 2022 By Sule Tatar In Arctic Wolf

On February 9, the U.S. Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management for investment advisers, registered investment companies, and business development companies. It's no surprise that the SEC is taking a more active role in this, given their continued interest in cybersecurity issues and high-profile ransomware attacks.

Read Post