Even with robust cyberdefenses, your network is still susceptible to hackers, social engineers, ransomware, and other digital hazards. Given the rapid development of technology, there are bound to be some holes and flaws that malicious actors can utilize to stage an attack or gain access to your system. For cases like these, developing a comprehensive incident recovery process is your best response.
Blog
-

HITRUST Levels and the HITRUST CSF Control Maturity Model
The HITRUST Alliance has helped streamline cybersecurity and compliance for companies across all industries since it was founded in 2007. It offers businesses the CSF—a unified regulatory framework that combines controls from various other frameworks into a single simplified system.
-

How Long Does It Take to Get HITRUST Certified? Timeline and Factors to Consider
Organizations that achieve HITRUST certification benefit from streamlined compliance across many industries. However, the timeline for HITRUST certification depends on organization readiness and several compliance considerations. Read on for a HITRUST 101 breakdown of the certification timeline.
-

Pen Testing Tools: Open Source vs. Professional Managed Solutions
If you’re considering options for pen-testing tools, open-source and managed solutions are probably among your top choices. Each has numerous pros and cons, and some situations are better suited to one or the other. However, most organizations will derive more substantial benefits from using professional, managed solutions.
-

The Dos and Don’ts of Enterprise Identity Management
With a greater number of users comes an increased risk of security threats. Robust enterprise identity management practices are essential to mitigating these risks while allowing for continued growth. Follow best practices and avoid common pitfalls to meet user access needs and keep your organization’s data secure.
-

What is the CCPA Breach Notification Timeline?
If your business processes data belonging to residents of California, and you meet certain size or revenue requirements, you must abide by the California Consumer Privacy Act (CCPA). It doesn’t matter where your company is located; the CCPA can impact you regardless. A significant aspect of compliance is CCPA data breach notification. Similar to other frameworks in the US and globally, data subjects have a right to know if their information has been compromised.
-

What is the Red Flag Rule?
Identity theft affects millions of people every year. It carries a high cost for both individuals and organizations, so regulations require many financial institutions and creditors to protect account holders against identity theft. The patterns and activities used to recognize identity theft are called red flags, so these regulations are known as “the Red Flags Rule.”
-

Webinar Recap: ROI with a HITRUST Certification – Measuring the Benefits
RSI Security hosted a webinar on measuring the ROI and benefits of HITRUST certification. Tom Glaser, a Security Assessor with RSI Security, led the presentation.
-

Guide to NIST SP 800-171, CMMC, and NIST SP 800-53 Compliance
If your organization works with government entities as a contractor, you probably have some questions about NIST SP 800-171, CMMC, or even NIST SP 800-53 compliance. Below, we’ll answer questions like: What is NIST SP 800-171? How does CMMC differ from it? What are NIST 800-53 controls? Understanding the answers to these questions covers almost everything you need to know for the DoD compliance efforts necessary to secure lucrative contracts with the military and other agencies.
-

Top 8 Cyber Security Problems a vCISO Can Help Solve
Protecting network resources and data from unauthorized access, compromise, and destruction is an organization-wide priority in today’s highly connected world. The role of a Chief Information Security Officer (CISO) is to strategize and manage these efforts, overseeing the identification, analysis, and remediation of various cyber security problems. A virtual CISO (vCISO) fulfills the same role via outsourcing, solving security issues and optimizing cyberdefense ROI.
