The NIS2 Directive, published in December 2022, sets out a series of measures for improving cyber risk management throughout the European Union. All EU member states must apply the Directive as part of national law by October 2024. By the same date, all applicable organizations must comply with the measures set out in NIS2.

TX-RAMP (Texas Risk and Authorization Management Program) is a cybersecurity program that was modeled after the similarly named FedRAMP and StateRAMP programs to ensure that cloud computing services that work with federal or state agencies have adequate security controls in place. TX-RAMP was created by the Texas Department of Information Resources (DIR) to provide a method to review the security measures taken by cloud-based products and services that process and transmit data to Texas state agencies.

The ISO 27000 series is an industry standard that has long defined and dictated base-level requirements for organizations’ information security management systems (ISMS). Through more than a dozen standards, the framework helps organizations demonstrate management commitment to their ISMS as they regularly review and improve their systems and procedures.

We’re thrilled to announce the launch of Private Integrations today, enabling Vanta customers to easily connect their in-house or third-party applications to Vanta’s Trust Management platform. With Private Integrations, in-house systems that need compliance controls can now be managed with the same level of automation as any third-party application available in Vanta’s integration directory.

WhiteHat™Dynamic delivers the compliance testing you need, without slowing down development. Your business runs on an ever-changing combination of software you build, software you borrow, and software you buy. Of course you need run your business at the speed of software, but these ever-changing apps and systems can contain vulnerabilities that can be exploited to disrupt, threaten, and steal essential data.

The collection and evaluation of audit evidence plays an important role in assessing an organization’s compliance with established standards. The American Institute of Certified Public Accountants (AICPA) serves as a guiding force, establishing methods that auditors should use to carry out their duties effectively. As auditors start their examination, they first collect and analyze various types of audit evidence, each serving as a piece of the puzzle that forms the auditor’s report.

The Texas Data Privacy and Security Act (TDPSA) was enacted on June 18, 2023, making Texas the tenth U.S. state to authorize a comprehensive privacy law that protects resident consumers. The TDPSA borrows many statutes from other state privacy laws, mainly the Virginia Consumer Data Protection Act (VCDPA) and the California Consumer Privacy Act (CCPA).