by Jeremy Sporn | Sep 14, 2020 | ISO 27001 Certification
Reading Time: 2 minutes
Many organizations seeking ISO 27001 certification face other cybersecurity compliance audits as well, like SOC 2, ISO 27701, HITRUST, FedRAMP and/or CMMC. If that applies to your company, consider the benefits of...
by Richard Stever | Nov 7, 2019 | InfoSec Strategies
Reading Time: 2 minutes
Recently I had a hypothetical conversation with our marketing director about “what if” a spokesperson or responsible party for a government agency, local municipality, regulated organization or business of any size stood up in public...
by Kevin Hermosura | Oct 25, 2019 | Third Party Risk Management
Reading Time: 3 minutes
A SOC 2 attestation is a report from an independent auditor, which states his or her opinion of a company’s internal security and financial controls. SOC 2 doesn’t start with a detailed list of requirements that must be met and how...
by Ryan Buckley | Oct 9, 2019 | InfoSec Strategies
Reading Time: 3 minutes
If customers or other stakeholders are asking you for an information security attestation (my guess is they are), which of the leading frameworks do you pick—SOC 2 or ISO 27001? Both enable your organization to demonstrate your IT...
by Eddie Taliaferro | Sep 18, 2019 | InfoSec Strategies
Reading Time: 3 minutes
In my work I find that many CISOs are in a Catch-22 position with the businesses they protect. Often CISOs are judged on the number of security breaches or other incidents that are reported on their watch. Ironically, senior...
