Privacy by Design certification helps ensure acceptable privacy standards per the European Union’s (EU) General Data Protection Regulation (GDPR). Although certification is not explicitly a GDPR requirement, the concept of…
-
System and Organization Controls (SOC) reporting comes in multiple varieties, with each kind applying to different industries or intended for different audiences. SOC 2 is primarily aimed at Software-as-a-Service (SaaS)…
-
Cloud security tools have never been more critical to day-to-day operations. With so many organizations moving increasing amounts of their functionality into the cloud and increasing their reliance on cloud-based…
-
In the context of ever-escalating cyberthreats, a dedicated Chief Information Security Officer (CISO) proves to be indispensable. A CISO provides invaluable direction and can help avert potentially debilitating crises. But…
-
Enterprise Security Architecture Requirements and Best Practices for Sustained Growth
by RSI Security
Security architecture can be defined as the controls that support IT infrastructure. For a large enterprise, security architecture extends beyond prescriptive processes; it must adapt to address evolving cybersecurity threats…
-
In November 2021, the U.S. Department of Defense (DoD) introduced major updates to the Cybersecurity Maturity Model Certification (CMMC) program. These changes left many organizations in the Defense Industrial Base (DIB)…
-
Overseen by the American Institute of Certified Public Accountants (AICPA), SOC 2 evaluates the implementation of effective standards and controls for organizations outside the financial sector, including software-as-a-service (SaaS) providers.…
-
Recap: Understanding SOC 2 Reports: Types, Purposes & Key Benefits Explained
by RSI Security
RSI Security hosted a webinar with Mueller to discuss the types, purposes, and benefits of SOC 2 reports. Panelists discussed aspects of SOC 2 audits, risk management, and assessment of…
-
What Can You Do After a HITRUST Assessment Failed? Top Remediation Strategies
by RSI Security
With more than 20 individual processes, requirements, and standards under its umbrella, the HITRUST Alliance provides a centralized set of guidelines for professionals in the healthcare industry and beyond. Unfortunately,…
-
HIPAA is the leading regulatory framework that governs how healthcare organizations use, store, and transmit confidential patient information. Nearly every entity connected to the healthcare industry, whether directly providing care…