Nowadays, all kinds of companies are expanding their horizons and pushing their boundaries beyond what can be done in a physical office space. Even before the COVID-19 pandemic and its effects on businesses across the world, mobility and flexibility have been strategic priorities. Now, our new normal has made most businesses at least partially remote.
Category: Compliance Standards
Staying informed about all of the cyber security compliance standards is essential to keeping your company safe from hackers. Read on to learn about the various steps you can take to stay up to date with your industry’s compliance standards.

Top Tech for Your Zero Trust Cybersecurity Architecture
“Do not trust anyone!” is the catchphrase that best describes zero trust, a security concept encouraging organizations to automatically distrust all network activity. As this security concept gains traction, many security providers are flooding the market with solutions. In this article, we will unpack the top technologies for a zero trust cybersecurity architecture.

NERC vs. NIST: Choosing the Right Infrastructure Cybersecurity Framework
Cybersecurity implementation can be a long and complicated process if your organization hasn’t been built with security as a part of its design. This is why different committees, interest groups, governments, and cybersecurity professionals come together to develop robust cybersecurity frameworks and regulations.
Depending on the industry that your organization is part of, these frameworks and regulations may be known to you as CIS CSC, NIST, ENISA, ISO 27001, etc. With so many frameworks, it is hard to know which is best suited to your organization’s needs. Although all frameworks have their merit, some pertain to either specific industries or requirements.

How Your Business Can Prepare For California’s Privacy Act
The year 2020 saw enforcement of the California Consumer Privacy Act (CCPA), a landmark law that provides the most comprehensive consumer data protection in the United States of America. Its effects are far-reaching, especially for businesses. This is why it is crucial to have a thorough approach to comply with its requirements. When it comes to how to prepare for CCPA, we will guide you through everything you need to know.

Canada’s PIPEDA vs. EU’s GDPR: What’s the Difference?
Canada’s PIPEDA vs. EU’s GDPR: what are they, and why should companies heed them?
Simply put, they are in place to protect consumers’ privacy. The laws are so similar that the EU has decided that the practices in Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) are ‘adequate’ by their standards. While the EU may agree with Canada’s privacy policies, it does not mean that if a U.S. company is compliant with one, it automatically meets the requirements of the other. The General Data Protection Regulation (GDPR) and PIPEDA do have some differences, and if your company does business in Canada and Europe, it must be compliant with both.

Implementing a Zero Trust Network Security Strategy
There’s been a paradigm shift over the past decade and a half in the world of cybersecurity. Whereas older models and systems prioritized perimeter defense, the definition of “perimeter” itself has changed over time. Today, businesses are increasingly mobile and remote, utilizing cloud servers to extend the workforce far outside the office or headquarters.
These changes are all the more necessary in our current environment of pandemic response. Our mandated practices of social distancing and work from home (WFH) have created an environment in which every company is rethinking its perimeters in real time. These challenging times call for new practices, and the zero trust framework is the future of cybersecurity.

Monthly Webinar Recap – A 360 Degree View of CCPA Compliance – Ft. Darktrace & Procopio
The California Consumer Privacy Act (CCPA) went into effect on January 1st, 2020. Any merchant or company doing business in California – the world’s fifth-largest economy – should be CCPA compliant.
However, many businesses are finding it difficult to navigate through the requirements necessary to be compliant.
To help clear up the confusion companies are feeling about another set of privacy regulations, on June 25th, 2020, experts from RSI Security, Darktrace, and Procopio Legal hosted an informational webinar.

What is PCI Network Segmentation Testing?
Practically every business must fear—or at least be wary of—the threat of cyberattacks. This is especially true for businesses that process, transmit, or store payment data. It’s very likely that your business performs one, if not all three, of those actions. If that’s the case, then you’re required to follow the Payment Card Industry Data Security Standard (PCI-DSS). Additionally, it’s strongly encouraged that you conduct biannual PCI network segmentation testing.

How Zero Trust Architecture Helps Secure the Cloud
Cloud technology has revolutionized the way businesses operate all across the world. Cloud servers enable any company to leverage others’ computing capabilities to mobilize their own workforces, enabling greater flexibility in all business operations. Whether it’s enabling the storage of sensitive data or work from home, the cloud is key to all businesses’ future.

Can You Really Afford PCI Non Compliance?
It’s surprising how many businesses ask this question. Sometimes the cost of meeting compliance regulation seems to outweigh the risks. There are fees associated with not meeting the payment card industry (PCI) compliance regulations, but are these fines comparable to the cost of implementing the required cybersecurity protocols?
