Almost all organizations use some form of cloud storage or computing for their day-to-day operations. Yet, as convenient as they are, cloud environments come with risks for all assets, systems,…

Identity and access management (IAM) is critical to mitigating access control risks and safeguarding sensitive data environments. Although open-source identity and access management tools and those managed professionally provide IAM…

The WannaCry attacks reached a record high in this past week and the root cause of the chink in the Cybersecurity amour can be traced primarily back to lack of…

Auditing laws cover various topics and industries from social media privacy to financial transactions. Each auditing process targets different weaknesses in order to tackle the risks that accompany technological advancements.…

Organizations that work closely with the US government need to take special precautions to safeguard data that government agencies deem sensitive. One of the most common kinds of data that…

Compliance with the NERC CIP standards is critical to mitigating cybersecurity risks to North America’s bulk electric system (BES), which is also known as the bulk power system (BPS). The…

A PCI compliance test is one of the most effective ways organizations can protect cardholder data (CHD) and sensitive authentication data (SAD) from cyber threats. The Payment Card Industry Security…

Privacy by design (PbD) is a preventative approach to data privacy protection developed by Dr. Ann Cavoukian in the 1990s. Its initial purpose was to develop a robust, scalable model…

Healthcare organizations and their partners face growing privacy and security risks when handling patient data. To safeguard this information, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets…

Patch management is critical to keeping your security controls up-to-date and protecting your organization against cybersecurity threats. You may be wondering: what are security patch updates, and how do they…