by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in September 2015 and has been updated for accuracy and comprehensiveness. For some time, CPA firms, qualified security assessors (QSAs) and similar entities that focus on security attestation have been including...
by Chris Dorr | Sep 27, 2016 | ISO 27001 Certification, Third Party Risk Management
While it may not yet have made a big splash outside of the state of New York or outside of financial circles, last week, the New York Department of Financial Services did something very interesting: it proposed a new law outlining specific information security and...
by Mosi Platt | Mar 31, 2016 | ISO 27001 Certification
As an ISO 27001 Certified Lead Implementer living in Atlanta, GA, I hear a lot of people talking about Financial Technology (FinTech) companies, but I don’t hear enough discussion about ISO 27001. I’d like to change that by illustrating how the ISO 27001:2013 standard...
by Mosi Platt | Mar 22, 2016 | ISO 27001 Certification
As an ISO 27001 Certified Lead Implementer living in Atlanta, GA, I hear a lot of people talking about Financial Technology (FinTech) companies, but I don’t hear enough discussion about ISO 27001. I’d like to change that by illustrating how the ISO 27001:2013 standard...
by Vikas Dhanker | Oct 27, 2015 | Third Party Risk Management
Nearly every company shares proprietary information with vendors, or entrusts sensitive customer data to them to store and process. In so doing, you extend to them the responsibility you have to your stakeholders to keep that data secure. Do you know for sure how well...
