Compliance

What is SOC 2 Type 2 and Why is it Important?

Jul 6, 2023 By Alex McConnell In Netacea

Netacea is proud to announce that six months on from completing SOC 2 Type 1 compliance, we can now confirm SOC 2 Type 2 compliance as well, further demonstrating our commitment to data security and protecting our customers.

Read Post

Netacea

Read more about What is SOC 2 Type 2 and Why is it Important?

Lessons from Vanta's WebAuthn migration

Jul 6, 2023 By Vanta In Vanta

In this ongoing series, you’ll hear directly from the teams keeping Vanta—and most importantly, our customers—secure. Today’s post by Rob Picard and Jess Chang on the Security team explains why and how we migrated to WebAuthn as the mandatory way to log into Okta. ‍ ‍

Read Post

Vanta

Read more about Lessons from Vanta's WebAuthn migration

The Road to Continuous Compliance

Jul 6, 2023 By RiskOptics In RiskOptics

Compliance is often viewed as a “one and done” activity – an annual rite of passage, for example, performed during yearly audits. That is an archaic approach to compliance in the modern business world, and won’t suffice any longer. Instead, organizations must adopt a mindset of continuous compliance, where adherence to regulatory requirements becomes integral to day-to-day operations. How can a company achieve that evolved state?

Read Post

RiskOptics

Read more about The Road to Continuous Compliance

Trust Talks with Annie O'Rourke, Director of Compliance, Audit and Assurance at Snyk

Jul 6, 2023 By TrustCloud In TrustCloud

Sravish sits down with Annie O’Rourke to discuss the latest security and GRC trends. Discover the secrets to making GRC more accessible for your company, sharing impactful metrics with the board, and find out why Annie and the Snyk team love using Awarego!

View Video

TrustCloud

Read more about Trust Talks with Annie O'Rourke, Director of Compliance, Audit and Assurance at Snyk

UK Telecommunications Security Act 2021: 3 Documents From The Regulators Every Telco Executive Should Read

Jul 5, 2023 By Gaurav Gupta In Splunk

In 2019, the UK Government (NSCS) conducted The UK Telecoms Supply Chain Review, to assess and address potential risks associated with the supply chain of telecommunications infrastructure in the country. The review highlighted the risks associated with reliance on certain vendors, particularly those with high-risk profiles. It also recommended increased oversight and regulation to mitigate security risks and protect critical national infrastructure.

Read Post

Splunk

Read more about UK Telecommunications Security Act 2021: 3 Documents From The Regulators Every Telco Executive Should Read

PCI DSS Compliance in Healthcare

Jul 5, 2023 By Ronak Patel In VISTA InfoSec

Data security has become an essential aspect of our lives and is more crucial than ever before. In the healthcare industry, organizations are entrusted with a plethora of sensitive information, including PHI, PII, and financial data. This renders them accountable for complying with both HIPAA and PCI regulations. Adherence to these regulations is paramount for safeguarding sensitive patient information from data breaches and cyber attacks.

Read Post

VISTA InfoSec

Read more about PCI DSS Compliance in Healthcare

DFARS Compliance: What You Need to Know

Jul 5, 2023 By Kyle Chin In UpGuard

Businesses that work with the US Department of Defense (DoD) and collect, process, transmit, or store controlled unclassified information (CUI) must comply with Defense Federal Acquisition Regulation Supplement (DFARS) standards. The DoD has responded to the growing threat of cyber incidents, including cyberattacks from cybercriminals and nation-states, by prioritizing cybersecurity best practices and insisting they are implemented throughout the DoD supply chain.

Read Post

UpGuard

Read more about DFARS Compliance: What You Need to Know

PCI DSS Compliance for Healthcare Organizations

Jun 30, 2023 By VISTA InfoSec In VISTA InfoSec

Learn about the Payment Card Industry Data Security Standard (PCI DSS) and how it can benefit your healthcare organization. Our informative session covers topics such as the purpose of PCI DSS in healthcare, the impact of PCI v4.0, and the importance of PCI compliance. Plus, our interactive session is open for queries. Don’t miss out on this chance to learn from the experts at VISTA InfoSec. 📞 Phone Number: +1-415-513-5261(United States)+65-3129-0397(Singapore)+442081333131(UK)+91 9987244769 (India)

View Video

VISTA InfoSec

Read more about PCI DSS Compliance for Healthcare Organizations

Vendor Risk Assessments: 3 Common Mistakes to Avoid

Jun 30, 2023 By Richa Tiwari In TrustCloud

Few organizations can perform their daily tasks and operations without vendors and third-party partners. And even if they could, successful businesses understand that working with others provides a better experience than doing it alone. The vendors and partners a business associates with matter. These relationships impact security measures, revenue, and brand reputation.

Read Post

TrustCloud

Read more about Vendor Risk Assessments: 3 Common Mistakes to Avoid

Security SOS: It's dangerous to view cloud and data separately

Jun 29, 2023 By Calligo In Calligo

Security risks within the IT infrastructure of global businesses are increasingly prevalent – and damaging. When swathes of data are separated in the hybrid or multi cloud, it can leave big open doorways for malware to walk right in. The message I want businesses to hear is that cloud and data are not separate. IT only exists to service the needs of a business’ data. Securing cloud services – and therefore your data – is a business-critical issue.

Read Post