by Richard Stever | Nov 7, 2019 | InfoSec Strategies
Reading Time: 2 minutes
Recently I had a hypothetical conversation with our marketing director about “what if” a spokesperson or responsible party for a government agency, local municipality, regulated organization or business of any size stood up in public... by Kevin Hermosura | Oct 25, 2019 | Third Party Risk Management
Reading Time: 3 minutes
A SOC 2 attestation is a report from an independent auditor, which states his or her opinion of a company’s internal security and financial controls. SOC 2 doesn’t start with a detailed list of requirements that must be met and how... by Ryan Buckley | Oct 9, 2019 | InfoSec Strategies
Reading Time: 3 minutes
If customers or other stakeholders are asking you for an information security attestation (my guess is they are), which of the leading frameworks do you pick—SOC 2 or ISO 27001? Both enable your organization to demonstrate your IT... by Eddie Taliaferro | Sep 18, 2019 | InfoSec Strategies
Reading Time: 3 minutes
In my work I find that many CISOs are in a Catch-22 position with the businesses they protect. Often CISOs are judged on the number of security breaches or other incidents that are reported on their watch. Ironically, senior... by John Verry | Sep 11, 2019 | InfoSec Strategies, SIEM
Reading Time: 3 minutes
As someone whose SIEM experience started nearly 17 years ago with eSecurity, Network Intelligence and Protego Networks, I find the recent resurgence in the SIEM space very interesting. The list of drivers is long and includes the...
