Reaching a level of “privacy by design and default” does not have to be an uphill battle for your organization. By implementing the tools and outlined by the GDPR, ascending to higher levels of data protection becomes achievable.
Blog

Basics of the CIS Hardening Guidelines

Physical protection brings to mind video cameras, combination locks, and motion detectors, all designed to prevent intruders from breaching a facility. Likewise, IT and cybersecurity professionals rely on system hardening to reduce the number of “unlocked” doors that malicious actors can exploit. The Center for Internet Security (CIS) seeks to make the hardening process understandable and encourage its use throughout multiple industries.

What are the 19 HITRUST Domains?
Learning about the 19 HITRUST domains is essential to mastering data protection. It may sound technical and complex, but we will walk you through the HITRUST Common Security Framework (CSF).

Overview of CIS Security Controls Version 7
The Critical Security Controls for Effective Cyber Defense is the brainchild of the Center for Internet Security (CIS). More popularly known as the Critical Security Controls Version 7, its 20 guidelines are based on the latest expert data about cyberattacks.

Are Your Internet Security Standards CIS CSC Compliant?
News reports have never run out of distressing stories about Internet security standards. Credit card breaches, identity theft, privacy threats, denial of service, intellectual property theft, and data losses are just a few of the notorious cybercrimes committed online.

Conducting a Quantitative Risk Analysis Assessment
Risks are part of everyday life, particularly in industries and businesses. But with the right analytics and mindset, risks can be managed, minimized, and mitigated. One such effective solution is the use of Factor Analysis of Information Risk or FAIR, a highly specialized form of quantitative risk analysis and quantitative risk assessment.

Pros and Cons of Factor Analysis of Information Risk
Risks are inevitable, but they don’t have to damage company operations every time. If these situations can be analyzed, they can be managed. This is the reasoning behind FAIR, or Factor Analysis of Information Risk. But is it right for your organization? Let’s weigh it with these FAIR pros and cons.

Law Firm Security Requirements: Do They Need a Cybersecurity Partner?
For the legal industry, the cybersecurity goals of protecting proprietary information, data, and systems go hand in hand with client confidentiality. Yet, one in four legal firms experiences a data breach, and many firms still do not understand law firm security requirements or cybersecurity policy requirements.

Overview of NIST 800-171 Revision 1
The National Institute of Standards and Technology (NIST) published its first draft of Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, back in December of 2016. It’s undergone several revisions since then, with the final version of NIST 800-171 Revision 1 published in 2018 (and Rev 2 in 2020).

Advanced Cybersecurity Guide to FAIR Assessment Methodology
The FAIR risk assessment methodology aims to find cybersecurity vulnerabilities within a system. Factor Analysis of Information Risk (FAIR) is a framework that provides defense against online threats by using mathematical concepts of precision and accuracy.
