Blog Posts
How to Conduct an Internal Audit: A Comprehensive Guide
In today’s digital age, external compliance audits and third-party attestations (e.g., SOC 2) have become increasingly crucial in B2B purchase decisions. Not only do they provide an objective third-party verification of a ...
Secure Software Development: Best Practices, Frameworks, and Resources
Just how important is building secure software today? Well, given the never-ending string of cyberattacks that succeed by taking advantage of software vulnerabilities, it’s become essential for organizations to purchase and use ...
Who You Gonna Call? For Incident Response
Gary Perkins, Chief Information Security Officer. Globally, no organization is immune to attack. Cybersecurity threats are a reality and every organization, anywhere in the world, is a potential target, regardless of location ...
2024 IT Risk and Compliance Benchmark Report Findings: Why Unifying Risk and Compliance Work Is No Longer Optional
Each year, we ask over 1,000 IT and GRC professionals about their priorities for the coming year and operational aspects, like changes to budgets, staffing, challenges, and much more. What we found ...
HIPAA Compliance: Why It Matters and How to Obtain It
What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) of 1996 Security Rule established standards for protecting individuals’ electronic personal health information (PHI) (which includes any identifiable health information, such ...
Cybersecurity in Financial Disclosures: 11 Topics Your Section 1C of 10-K Filings Should Address
Last year, the Securities and Exchange Commission (SEC) announced new disclosure rules for publicly traded companies. Regulation S-K Item 106, which mandates cybersecurity disclosures in corporate 10-K filings, sheds light on how ...
Safeguarding Patient Data with HITRUST Compliance: A Comprehensive Guide for Healthcare Technology Companies
Healthcare organizations increasingly rely on technology to store, manage, and transmit sensitive patient information. As a result, safeguarding patient data against cyber threats and ensuring compliance with regulatory standards is critical, and ...
The Weakest Link: Securing The Human Element From Cyberattack
By: Chris Clements, VP of Solutions Architecture. The Problem: As humans, we tend to trust the people around us in most situations simply by default. We usually don’t assume that the cook ...
Why IT General Controls Are Important for Compliance and Cybersecurity
IT general controls are among the most important elements of effective compliance and IT security. So it’s a bit strange that many businesses — and compliance professionals, for that matter — struggle ...
Balanced IT: Humanizing AI in Client Experience
By: Tigran Safari, Client Experience Manager, Secured Managed Services. How can we clear our minds of preconceived notions about Artificial Intelligence? How can we approach this ongoing technological revolution without apprehension? AI ...