Your Part of Shared Responsibility in SaaS Cloud

Cloud security isn’t a one-way game. Both businesses and providers are responsible. Ensure you fulfill your part of the shared responsibility in SaaS cloud.

Read more

Cybersecurity in 2023: What to Expect? 

The 2023 cybersecurity landscape promises to be dynamic. Take a look at our shortlist of core events that’ll affect cybersecurity in 2023

Read more

2022 Cybersecurity Year in Review 

The Russian invasion of Ukraine shaped the trajectory of 2022 cybersecurity. Learn how the war affected the cyber environment over the past year

Read more

GLBA Compliance Updates: Deadline Extended 

The GLBA compliance deadline has been extended to June 9, 2023. Learn about the reasons for this extension and figure out how GLBA compliance works

Read more

CISO Services: Benefits, Trends, and Functions

CISOs act as shields protecting your company’s property, data, and assets. Learn how to choose the best CISO services for your business.

Read more

Identify your PCI compliance level

Are you a merchant, a service provider or both? Learn how to identify your PCI compliance level.

Read more

Using Data Analytics may not be HIPAA Compliant 

Advocate Aurora exposed 3M PHI due to using data tracking technologies. Ensure compliance when processing and storing PHI and think twice before using data analytics

Read more

RoC, AoC, and Other Elements of PCI DSS Compliance

Take a look at the main parts of PCI DSS compliance and learn why your organization’s merchant level matters

Read more

Protect Yourself Against Social Engineering Attacks 

Most modern human-centric data breaches involve social engineering. Learn how to protect against this kind of attack, and don’t let cybercriminals deceive you

Read more

Social Engineering as the Art of Deceiving

Hackers use different social engineering techniques to trick users into sending money or disclosing sensitive data. Learn how to spot social engineering threats 

Read more

“See Yourself in Cyber”: Human Factor in Cybersecurity

The 2022 Cybersecurity Awareness Month focuses on the “people part” of cybersecurity. Learn about the human factor and how hackers use their creativity to exploit human-related vulnerabilities

Read more

Developing Information Security Policy 

Information security policy plays a vital role in protecting data confidentiality, integrity, and availability. Learn how to develop your policy.

Read more

GLBA Updates Reminder 

The GLBA updates become effective in December. Make sure you’ve revised your policies and procedures to comply with new requirements.

Read more

CCPA Showed its Teeth. $1.2 Million Fine for Selling Californians’ Data

A beauty retailer pays a $1.2 million fine for a CCPA violation. It’s all about using third-party analytics on its website. Learn more with us.

Read more

CISA and FBI Warn on Zeppelin Ransomware

Federal agencies warn on tactics, techniques, and procedures used by Zeppelin ransomware actors

Read more

Congress Released ADPPA – Draft Federal Privacy Law

ADPPA would enact a unified federal privacy law governing the use of citizens’ personal information. Learn what it means for your business 

Read more

CIRCIA: Critical Infrastructure Now to Report Cyber Incidents and Ransom Payments 

CIRCIA requires critical infrastructure organizations to report substantial cyber incidents and ransom payments. Read more about the new law

Read more

DoD Memorandum Reminds Contractors to Protect CUI

Significant material and reputational risks threaten contractors that have not implemented NIST SP 800-171, as the DoD memorandum states.

Read more

Supply Chain Attacks in Healthcare. The Case of Shields, Eye Care Leaders, and MCG Health 

Data breach reports prove the evolving trend of supply chain attacks in healthcare. Determine who is more responsible for third-party data incidents

Read more

HIPAA Compliance for Start-Ups: Debunked Misconceptions

Small businesses are often led by misconceptions when it comes to HIPAA. Our free e-book can help with proper HIPAA compliance for start-ups.

Read more

2022 RSAC: Key Takeaways

Every year the RSAC keynote speakers bring their unique insights on the future of cybersecurity. Learn what’s new in 2022 RSAC

Read more

Reinforcing the Weakest Security Link with Access Controls 

Weak human firewalls force businesses to adopt advanced access controls. Read our blog to get familiar with access controls that mitigate some of the risks associated with human factors.

Read more

Building a Successful Zero Trust Strategy

The complexity of the modern cybersecurity landscape is calling for new defense approaches. Learn about zero trust, its main principles, and its mechanisms

Read more

Recent Healthcare Data Breaches. The Importance of Sharing Experience

Healthcare data breaches may give valuable lessons on how to address cyberthreats, yet their details are rarely made public. Learn why sharing the incident experience is crucial for healthcare 

Read more

UCPA: the Most Business-Friendly Privacy Law

The Utah Consumer Privacy Act (UCPA) is considered the most business-friendly state privacy law yet. Learn about the main facets of the law to be ready to comply in the future

Read more

Exploring New Attack Approaches. The Case of Microsoft and Okta

Microsoft and Okta suffered data breaches after a cybercrime group declared them as targets. Learn how the unique attack approach contributed to compromising the tech giants.

Read more

Applying PIPEDA for U.S.-Based Organizations

PIPEDA is the Canadian privacy law for private-sector businesses. Learn how it affects U.S.-Based companies doing business with Canada.

Read more

The State of Ransomware in 2022

Ransomware shows no signs of slowing down while its business model has changed. Read more about the state of ransomware in 2022. 

Read more

Security Awareness Training. Important Things to Know

Digital dependency prompts businesses to strengthen their technological defenses. Learn how security awareness training helps reduce cybersecurity risks. 

Read more

Cyberthreats and National Security

Practically all businesses are vulnerable to cyberthreats, and national security is no exception. Learn how this tendency affects the decision-making process in national and business environments.

Read more

Mobile Device Security

Learn about best practices that will enhance mobile device security and enable businesses to provide their employees with secure access to corporate resources

Read more

You’ve Been Breached. What to Do?

A data breach may be detrimental for businesses but much depends on their response. Learn how to react quickly and decisively if you’ve been breached. 

Read more

All You Need to Know About GLBA Compliance in Higher Education

Cyberattacks plague colleges and universities. Learn why GLBA compliance in higher education institutions is important.

Read more

Supply Chain Attacks and Cybersecurity

Supply chain attacks are on the rise. Learn how to align security efforts within your supply chain to reach a more desirable level of cyber protection.

Read more

Reviewing the 2021 Healthcare Data Breaches

The year 2021 proved challenging, given the number and severity of healthcare data breaches. Review some of the most severe incidents and get key takeaways of the past year.

Read more

2022 Cybersecurity Trends

Cybercriminals are getting more motivated, organized, and sophisticated in executing attacks. Read our blog to learn about 2022 cybersecurity trends. 

Read more

SOC 2 + HIPAA: Combining Two Audits

HIPAA is one of the most frequently demanded subject matters for SOC 2 audits. Learn more about the main peculiarities of the SOC 2 + HIPAA. 

Read more

SOC 2: Specific Criteria for Controls Evaluation

The Security category is imperative for all SOC 2 engagements; but what if your commitments to customers and services demand including other criteria? 

Read more

SOC 2: Common Criteria for Controls Evaluation

Every SOC 2 audit encompasses from one to five categories while Security is a must-have. Learn more about how the Security-related controls are evaluated.

Read more

Fall 2021: Summary of Healthcare Data Breaches

Fall 2021 showed a slight increase in reported healthcare data breaches. Learn about the main tendencies, channels, and locations of cyberthreats.

Read more

PIA vs. DPIA: the Purpose and Requirements

Organizations that fall under the EU’s GDPR may be required to perform DPIA. Learn more about the requirement and how it differs from the PIA.

Read more

vCISO: a Solution for Small Businesses

Small organizations often lack a dedicated leader to manage their security and compliance needs. Learn how vCISO can help.

Read more

FedRAMP: Core Things to Know About the Program

FedRAMP Authorization is the main prerequisite to offering cloud services to the U.S. government. Learn more about the authorization requirements.

Read more

Cyber Incident Reporting on Critical Infrastructure 

Following the SolarWinds and Colonial hacks, security officials introduced draft legislation on cyber incident reporting. Learn how it may affect your organization

Read more

#BeCyberSmart: Common Tips to Fight Against Phishing

One of the primary focuses of the 2021 Cybersecurity Awareness Month is resisting the phishing threat. Read how to fight against phishing and #BeCyberSmart!

Read more

Getting Ready for SOC 2 Audit: Where to Start?

SOC 2 is becoming a synonym for a reliable service provider. Learn how to prepare your organization for the SOC 2 audit and get a favorable audit opinion.

Read more

CCPA vs. CPRA: Upcoming Changes to the Law 

Discover what updates CPRA will bring to CCPA’s data privacy requirements and understand their implications for your organization.

Read more

Ensuring Business Continuity at the Time of Disasters

Disasters may be detrimental to organizations that don’t have an emergency plan. Planet 9 advises on how to ensure business continuity during a disaster. 

Read more

Data Security in Context of CCPA Compliance

CCPA grants Californian consumers privacy rights while imposing obligations on businesses. Learn how to meet these obligations and achieve CCPA compliance.

Read more

Core Aspects of California Consumer Privacy Act (CCPA)

A detailed overview of the California Consumer Privacy Act (CCPA) and its requirements for data privacy. Learn how to work with consumers’ data in California. 

Read more