by Chris Dorr | Sep 27, 2016 | ISO 27001 Certification, Third Party Risk Management
While it may not yet have made a big splash outside of the state of New York or outside of financial circles, last week, the New York Department of Financial Services did something very interesting: it proposed a new law outlining specific information security and...
by Mosi Platt | Mar 31, 2016 | ISO 27001 Certification
As an ISO 27001 Certified Lead Implementer living in Atlanta, GA, I hear a lot of people talking about Financial Technology (FinTech) companies, but I don’t hear enough discussion about ISO 27001. I’d like to change that by illustrating how the ISO 27001:2013 standard...
by Mosi Platt | Mar 22, 2016 | ISO 27001 Certification
As an ISO 27001 Certified Lead Implementer living in Atlanta, GA, I hear a lot of people talking about Financial Technology (FinTech) companies, but I don’t hear enough discussion about ISO 27001. I’d like to change that by illustrating how the ISO 27001:2013 standard...
by Vikas Dhanker | Oct 27, 2015 | Third Party Risk Management
Nearly every company shares proprietary information with vendors, or entrusts sensitive customer data to them to store and process. In so doing, you extend to them the responsibility you have to your stakeholders to keep that data secure. Do you know for sure how well...
by John Verry | Sep 2, 2015 | Penetration Testing
Recently I’ve noticed that a longstanding trend in security attestation is taking on a new twist. For some time, CPA firms, qualified security assessors (QSAs) and similar entities that focus on security attestation have been including penetration testing as part of...
