The exciting and dreaded phrase for an organization like yours to hear from a big prospect: “We like your solution and would like to purchase…” YES! “…but, we need you to pass a SOC 2 audit.” NOOOOOoooooooo…….! (cue scary music – fade to black) After you regain consciousness, you realize that you need to do … What is SOC 2? Demystifying SOC 2 Certification
DevSecOps Talent is Scarce SaaS-based startups are at the bleeding edge of DevSecOps since most have small engineering teams that must wear all three of these hats simultaneously. As a result, hiring becomes a major challenge since rarely do you find people with this rare combination of skills. Usually the company ends up optimizing to … We Need to Add Security to the DevOps Toolbox
The statistics that support the need for a virtual CISO are sobering. A recent report by Cybersecurity Ventures predicts that by 2021 there will be 3.5 million unfilled cybersecurity jobs. Combine this with the prediction that cybercrime is expected to cost the global economy $6 trillion by 2021 and you have the perfect storm … Virtual CISO: How to Fill the Empty Chair in Your Security Department
While collaborating on a Mission College (MC2IT) Security and Privacy Board meeting a few years ago, another board member and I were discussing the challenges of managing an information security program, how we can get more students involved in security, and how to get more people involved in managing an organization’s security policies. He said … Keep Your InfoSec Policy Evergreen
How you answer an RFP security questionnaire can make or break a new deal. Here, we break down some tips to help you ace your responses in minutes.
One thing we hear from enterprise IT sales reps is, “If we didn’t help write the RFP, they’re NOT buying from us. It’s a waste of my time.” But if you didn’t receive an RFP to begin with, you’re definitely NOT going to win the deal. As Wayne Gretzky said, “You miss 100 percent of … How to Write RFPs More Efficiently
Data Breach Reporting Now Required by Law in Canada The Personal Information Protection and Electronic Documents Act (PIPEDA) was amended under the Digital Privacy Act on June 18, 2015 to include provisions requiring mandatory data breach reporting and notification. On April 18, 2018, the Canadian federal government released the Breach of Security Safeguards Regulations which … Canada First to Implement National Data Breach Notification Law
A common perception is that information security is simply a “necessary pain in the ass” that organizations don’t want to invest in, implement or think about until they get bigger. And even then, it’s often resented. Smaller enterprises and startups feel like they don’t have the time or resources to put into protecting themselves. That … Benefits of Information Security for Businesses
While there is no official certification process for compliance with the GDPR, this new law requires that you document, operationalize and implement policies, procedures, and controls to protect your client’s privacy and their data. Tugboat Logic helps you demonstrate accountability to the GDPR mandates with purpose-built controls, tools, dashboards and reports that give you a real-time … Data Privacy and Risk in a Post-GDPR World: Trends and Best Practices
It was only a matter of time before digital security began to assume a much larger role on the geopolitical stage. The explosion of SaaS apps and social media – and their inherent exchange of free services for your data – has led to unintended consequences from bad actors in the public digital square. Some … GDPR – The Next Global Privacy Paradigm?
Everybody’s heard about the EU General Data Protection Regulation (GDPR), but many erroneously think it’s just another “IT issue”. On the financial end, stiff penalties could severely cut into a company’s bottom line. The insightful CFO, however, sees compliance as a value investment instead of an IT budget line item. For forward-thinking CFOs, it’s … How CFOs Can Leverage GDPR to Increase Value
Privacy and security are based upon trust transactions. Facebook might claim that it’s secure, but do users still have confidence in the platform? In 2018, as consumers’ trust in it has slipped, so has its user base. When you trade in the currency of trust, you inherently deal with the other side of the … Why Successful Companies Must Invest In Digital Trust