Automating NIST Cybersecurity Framework Control Info
Automating the National Institute of Standards and Technology (NIST) Cybersecurity Framework control documentation and processes is one way to help build a strong cybersecurity foundation. T ...
January 30, 2023
Security Posture: Definition and Assessments
For most companies, determining acceptable levels of risk is a subjective exercise. The decision typically rests on the ethos of senior leadership: Are they growth-oriented risk-takers, or m ...
January 3, 2023
Information Security vs. Cybersecurity: Main Differences
Cybersecurity and information security are often assumed to be synonymous terms. They're not. On the contrary, they have several critical differences that security professionals should under ...
April 4, 2022
Risk Mitigation in Software Engineering
Developing software while preserving its embedded security can feel like an impossible task. As you update your product, you’re potentially adding new vulnerabilities. So as part of the ri ...
August 12, 2021
How to Protect Your Data From Ransomware
If the word "ransom" makes you think of old crime movies, where the darling child of the sheriff is held captured until a certain sum of money has been paid, then you have a good idea what r ...
May 26, 2021
ISO 27001 Firewall Security Audit Checklist
Because of additional regulations and standards pertaining to information security, including Payment Card Industry Data Security Standard (PCI-DSS), the General Data Protection Regulation ( ...
August 27, 2020
Network Security Audit Checklist
Every company that uses computers and the Internet should be concerned about information security and particularly, network security. The number of threats each company faces is growing e ...
August 4, 2020
How the COSO Framework Helps You Comply with SOX
In May 2013, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its updated Internal Control-Integrated Framework. COSO is an organization that aims to impr ...
June 4, 2020