by Andrea VanSeveren | Apr 22, 2021 | InfoSec Strategies
Reading Time: 3 minutes
A wise CISO once said: “The only thing worse than no cybersecurity guidance is too much cybersecurity guidance.” In today’s world, we are blessed/cursed with multiple, interrelated and cross-referenceable standards of comparable...
by Eddie Taliaferro | Jul 22, 2019 | InfoSec Strategies
Reading Time: 2 minutes
It sometimes happens in the course of supporting clients during ISO 27001 certification projects or other information security assessments that we uncover “check-the-box” documents. For example, these might be policies that were...
by John Verry | May 9, 2019 | InfoSec Strategies
Reading Time: 3 minutes
If your company is like many of our SMB/SME clients, GDPR was a short-lived event. You heard about the regulation, kicked-off a GDPR project, realized how significant the work effort was and how limited the likelihood of an action...
by Jeremy Sporn | Jan 2, 2019 | ISMS Consulting
Reading Time: 2 minutes
Legal firms are no strangers to regulations. But cybersecurity regulations coming from the American Bar Association (ABA)… that is a new one. The truth is, this has been coming for some time. Industry-specific regulations on privacy...
by John Verry | Sep 27, 2018 | Government
Reading Time: 3 minutes
With the EU’s GDPR now in force and California just enacting its Consumer Privacy Act (AB 375), the two-minute warning has sounded for US businesses that work with consumers’ personal data. You must move to implement privacy policies...
