by Andrea VanSeveren | Oct 21, 2021 | Application Security
Reading Time: 4 minutes
We need a new compliance model for today’s cloud-first, full cycle software development methods. When “software is eating the world,” checking boxes in an annual audit is no help at all. But what tools and skills will be needed to...
by Andrea VanSeveren | Oct 20, 2021 | Application Security
Reading Time: 2 minutes
In a world where full cycle software development teams release multiple builds to production per day, traditional methods of verifying compliance with cybersecurity and privacy guidelines have fallen by the wayside. A new compliance...
by John Verry | Oct 19, 2021 | ISO 27001 Certification
Reading Time: 4 minutes
If your organization is ISO 27001 certified, you are likely aware that the International Organization for Standardization (ISO) is changing the structure of the ISO 27001/27002 control framework. This is notable because the current...
by Andrea VanSeveren | Oct 13, 2021 | ISO 27001 Certification
Reading Time: 3 minutes
With most cybersecurity frameworks, such as SOC 2 or NIST 800-171, the emphasis is on the controls, with all organizations being obliged to implement the same “one size fits all” control set. Many companies seeking ISO 27001...
by Andrea VanSeveren | Oct 12, 2021 | ISO 27001 Certification
Reading Time: 2 minutes
Organizations that are pursuing ISO 27001 certification often think that the standard is all about the controls. When you’ve implemented and documented all 114 controls in ISO 27001’s Annex A, you’re good-to-go for your certification...
