by Andrea VanSeveren | Oct 21, 2021 | Application Security
Reading Time: 4 minutes
We need a new compliance model for today’s cloud-first, full cycle software development methods. When “software is eating the world,” checking boxes in an annual audit is no help at all. But what tools and skills will be needed to...
by Andrea VanSeveren | Oct 20, 2021 | Application Security
Reading Time: 2 minutes
In a world where full cycle software development teams release multiple builds to production per day, traditional methods of verifying compliance with cybersecurity and privacy guidelines have fallen by the wayside. A new compliance...
by Andrea VanSeveren | Oct 13, 2021 | ISO 27001 Certification
Reading Time: 3 minutes
With most cybersecurity frameworks, such as SOC 2 or NIST 800-171, the emphasis is on the controls, with all organizations being obliged to implement the same “one size fits all” control set. Many companies seeking ISO 27001...
by Andrea VanSeveren | Oct 12, 2021 | ISO 27001 Certification
Reading Time: 2 minutes
Organizations that are pursuing ISO 27001 certification often think that the standard is all about the controls. When you’ve implemented and documented all 114 controls in ISO 27001’s Annex A, you’re good-to-go for your certification...
by Andrea VanSeveren | Oct 11, 2021 | ISO 27001 Certification
Reading Time: 3 minutes
If your company is working towards ISO 27001 certification, you may be laser-focused on achieving that goal, and perhaps not worrying about what other cybersecurity and privacy efforts might need to come later. But with a little...
