Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

CISOs Ultimate Guide For Top 30 Security Control Frameworks - 2019

Companies in highly regulated industries are forced to adopt one or more frameworks in order to meet compliance initiatives. There are over 200 security frameworks, regulations, standards and guidelines to choose from that could impact your business at any given time. In no particular order, below are the top security controls frameworks that are pervasive throughout our security industry along with some unique facts about each framework.

We are compliant why do we need a security program?

Often in the realm of IT management, the thought of IT compliance is associated with information security. This is unfortunately not the case as they are two very different things. In this article, we will simplify compliance, and discuss why a pro-active security program is the ideal approach for modern business practice.

How Not To Become a Target With Enough for Two Lines or Even Three

In mid-November last year, the retail giant Target experienced a security breach where customers’ credit card information was stolen. At first, it was thought that 40 million users had been affected but by January 2014, those numbers skyrocketed to a stunning 100 million. What emerged was the story of hackers who had appeared as “the good guys” in order to harvest as much information as they could from Target’s network.

State Security Breach Notification Laws

A security breach is defined as any unauthorized access or acquisition that compromises the security, confidentiality, integrity or availability of covered information, systems, and applications. Recent years have seen significant amounts of legislative activity related to state data breach notification laws. South Dakota and Alabama enacted new data breach notification laws in 2019, becoming the last of 50 U.S. states to enact such laws.

In-House Counsel: Best Legal Practices in Data Breaches

The likelihood that your organization will suffer a material data breach in the next 2 years is nearly 28%, and that’s higher than last year’s risk according to The Ponemon Institute’s 2018 Cost of a Data Breach Study: Global Overview. Counsel’s best strategy is to insist on a strong organizational plan to quickly and effectively respond to data breaches and, ultimately, prevent them in the future.

Ignyte - GRC Company for Cybersecurity Receives Funding

January 15, 2019 Miamisburg, OH – Ignyte Assurance PlatformTM, an industry leader in managing governance, risk and compliance (GRC), has received $100,000 from the state of Ohio to develop and integrate cybersecurity technology from the Air Force Research Laboratory. The company will use the funding to develop and integrate cybersecurity technology from the Air Force Research Laboratory to improve data collection and analysis.

Benefits of a Secure Software Development Life Cycle (SDLC)

The software development life cycle abbreviated SDLC, is a term used for the process of developing, altering, maintaining, and replacing a software system. SDLC is comprised of several different phases, including planning, design, building, testing, and deployment. In Secure SDLC, security assurance is practiced within in each developmental phase of the SDLC. Throughout each phase, either penetration testing, code review, or architecture analysis is performed to ensure safe practices.