
Qualitative vs. Quantitative Risk Assessments in Cybersecurity
Assessing the risks within your cybersecurity system is one of the key priorities to address when conducting an ISO 27001 project or a related audit. It can be accomplished using quantitative risk analysis, qualitative risk analysis, or a combination...

HITRUST Certification Requirements
To streamline the complex process of complying with a wide range of security standards, representatives from information security, technology, business, and healthcare formed a consortium known as the Health Information Trust Alliance (HITRUST). The...

ISO 27001 Checklist
ISO 27001 (formerly known as ISO/IEC 27001:27005) is a set of specifications that helps you to assess the risks found in your information security management system (ISMS). Implementing it helps to ensure that risks are identified, assessed and managed in a...

ISO 27001 Risk Assessment Methodology
Conducting an internal ISO 27001 audit enables you to assess your company’s security equipment, systems, protocols and procedures to ensure that they are in compliance with industry standards. One of the most important aspects of this process involves...

How to Conduct an Internal ISO 27001 Audit
In order for your information security management system (ISMS) to be viable, you must periodically receive an internal, independent audit that shows how it is meeting the requirements of the IEC ISO 27001 standard. Since organizations, particularly...

Decoding PCI DSS Merchant Levels: A Guide to Compliance
To ensure that payment card information remains secure, it’s crucial that you understand the PCI DSS merchant levels. Classified under these levels are the company’s activities, either grouped in relation to the volumes of its transactions or...

Cyber Threat Hunting
Your company’s network is a complex environment managed by many moving parts. That makes detecting intruders a constant challenge. The truth is that cyber attackers and malware can lurk undetected in your system for days, weeks or months stealing credentials, doing...

Security Patch Management Best Practices
One indisputable fact about today’s software and firmware is that change is inevitable. When vulnerabilities or bugs are discovered or an upgrade is necessary because of evolving technology, a patch is released. Patch management security involves ensuring that all...

Third Party Data Breach: How to Prevent and What To Do
These days, companies of all sizes are outsourcing many of their operations to third party vendors. In order for these subcontractors to do their jobs, they must gain admission to some or all of your data, including things like API keys and sensitive customer...

Vendor Management Best Practices
Vendors perform a critical role for most businesses today. When the relationship between an organization and the companies and contractors with whom it does business is managed effectively, all parties reap the benefits. Creating and implementing a...