News
Third-Party Risk Assessments as Business Development Tools
Why Third-Party Security Protection Is a Critical Business Strategy
Many organizations think of third-party risk assessments as something that must be done to tick a box. Progressive organizations understand that third-party risk assessments can be used strategically, to help develop their businesses. Here’s why.
What Is a Third-Party Risk Assessment?
A third-party risk assessment is…
An Introduction to PCI-DSS Penetration Testing
All You Need to Know to Get Started and Avoid Non-Compliance
PCI-DSS (Payment Card Industry Data Security Standards) is a set of standards that you’ll need to comply with if you accept payments by card. You’ll need to demonstrate that you maintain a secure network and that you manage vulnerabilities to protect cardholder data. This…
Our Client Wants Us to Have a Penetration Test. What Now?
All You Need to Know About Penetration Tests
Your client has asked you to conduct a penetration test. You’re not even sure what this is. You certainly don’t know what it entails, or who should perform it. What should you do?
Understand Why a Client Wants You to Have a Penetration Test
One of the…
Cybersecurity 101: Recruiting in a Candidate-Driven Market
Tip for More Effective Hiring
For your organization to remain secure and competitive in the digital world, you need the best staff in the cybersecurity industry. You know this, yet you’re struggling to fill your cybersecurity jobs with high-caliber candidates. Why? Your biggest challenge in hiring today is that you’re in a candidate-driven market. But…
A Quick Guide to Cybersecurity Tips for the Holiday Season
Cyber Safety for Employees and Businesses
Hacking is one of the fastest-growing criminal activities, and when the holiday season is upon us, it only gets worse. The hackers are out with their eyes on personal and business data. Seasonal employees and interns are a major threat – used by cybercriminals to infiltrate your business from…
Top 6 ISO 27001 and SOC 2 Auditor Pitfalls to Avoid
Plus Tips on How to Avoid Them
Whether you require an ISO 27001 audit or a SOC 2 audit, you will probably rely on your auditors to give you the best advice they can. But, to paraphrase George Orwell’s words in Animal Farm, “All audit practices are equal, but some are less equal than others.”…
Should I Choose ISO 27001 or SOC 2 For My Audit Framework Measure?
Analyzing What Matters to Help You Decide Which Is Best for You
When a company is focused on IT security, it must implement ISO 27001 or SOC 2 as part of its security objectives. As we head toward audit season, which should you choose? In this article, we look at the main similarities and differences…
Google Staffers Face Pay Cuts If They Choose to Work Remote: Why This Is An Issue
The WFH Dilemma
Remote working has been a contentious issue of late, with Google recently announcing that it plans to cut the pay of workers who choose to keep working from home. This decision comes after other big-name companies like Facebook and Twitter who have previously decided to do the…
My Biggest Client Just Sent Me a Security Questionnaire, What Do I Do?
7 Steps to Security Fulfilment
When you receive a security questionnaire from your biggest client, you’ll need to ensure that you complete it correctly or risk the client taking their business elsewhere. With the number of cyberattacks increasing, and supply chain attacks increasing by 430% in a single year, the probability of being sent a…
As Hacking Threats Rise So Does The Demand For CISOs: Why Virtual CISOs May Be A Solution For Some
What Is A CISO?
With the growing surge of cyber attacks over the past few months, companies are prioritizing their cybersecurity now more than ever. For businesses that have never had any guidance in this area of expertise, hiring a professional such as a CISO, for instance, may be a good first…