Managing Compliance Issues within the Value Chain

Blog / May 17, 2018

By Kip Boyle

Align your compliance requirements with your other business requirements so you can distinguish what you must do from what’s nice to do.

Breach Costs Are Rising with the Prevalence of Lawsuits

Blog / May 2, 2018

By Ray Pompon

When it comes to tallying the total cost of a data breach, lawsuits figure prominently, alongside repair costs, loss of reputation and sales, compliance penalties, and operational downtime.

5 Fun Facts About the 2018 Singapore Cybersecurity Statute

/ Apr 19, 2018

By David Holmes

Fun Fact #2: the author is looking forward to being a card-carrying Singaporean crime fighter (temporarily) someday.

Achieving Multi-Dimensional Security Through Information Modeling—Modeling Inversion Part 5

Blog / Dec 26, 2017 (MODIFIED: Jan 12, 2018)

By Ravila White

In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.

Avoiding the Epidemic of Hospital Hacks

Blog / Dec 5, 2017 (MODIFIED: Jan 9, 2018)

By Ray Pompon

Good security is highly dependent on hospital staff being well trained and having the discipline to follow security processes—manual and otherwise—to the letter.

Achieving Multi-Dimensional Security Through Information Modeling—Unwrapping Controls Part 4

Blog / Nov 28, 2017 (MODIFIED: Jan 2, 2018)

By Ravila White

In Part 3 of this blog series, we demonstrated modeling the threat landscape along with executive threat-modeling. In this blog, we discuss the importance of defining controls.

How to Be a More Effective CISO by Aligning Your Security to the Business

Blog / Oct 17, 2017 (MODIFIED: Nov 28, 2017)

By Ray Pompon

Security must align to the business needs, not the other way around. Begin with investigation and understanding to be most effective.

CISOs: Striving Toward Proactive Security Strategies

Article / Sep 19, 2017 (MODIFIED: Nov 9, 2017)

By Mike Convertino

As enterprises more closely align their security and IT operations, they still struggle to shift their security programs from reactive to proactive.

Achieving Multi-Dimensional Security Through Information Modeling—Executive Threat Modeling Part 3

Blog / Aug 23, 2017 (MODIFIED: Oct 10, 2017)

By Ravila White

How InfoSec leaders can build successful threat models by defining the threat landscape and its component resources, then asking simple, situational questions.

How to Avoid the Six Most Common Audit Failures

Blog / Jul 18, 2017 (MODIFIED: Sep 1, 2017)

By Ray Pompon

A veteran auditor told us how organizations fail audits. Here are six detailed strategies to help you achieve success.

Who Should the CISO Report To?

Blog / Jul 11, 2017 (MODIFIED: Aug 24, 2017)

By Ray Pompon

Savvy organizations that understand the gravity of cyber security are giving CISOs a voice at the executive table.

The Six Most Common Audit Failures

Blog / Jun 29, 2017 (MODIFIED: Aug 15, 2017)

By Kyle Robinson

A veteran auditor walks through where he’s seen organizations fail during audit.

Achieving Multi-Dimensional Security Through Information Modeling—The Master Model Part 2

Blog / Jun 22, 2017 (MODIFIED: Aug 3, 2017)

By Ravila White

Understanding the customer segment of your organization is critical to developing a strategy that ensures regulatory compliance.

10 Ways Organizations Can Get Ready for Breach Disclosure

Blog / Jun 8, 2017 (MODIFIED: Jul 20, 2017)

By Ray Pompon

Facing data breach disclosure requirements across the globe, organizations need to be prepared in advance to respond well.

Can Your Risk Assessment Stand Up Under Scrutiny?

Blog / May 9, 2017 (MODIFIED: Jul 24, 2017)

By Ray Pompon

Regulators can sanction organizations that perform improper or inadequate risk assessments. Here’s what you need to know to stay in the clear.

Achieving Multi-Dimensional Security through Information Modeling – Part 1

Blog / May 4, 2017 (MODIFIED: Jul 18, 2017)

By Ravila White

Applied to InfoSec, information modeling is a powerful technique for designing multi-dimensional security controls that minimize risk and achieve compliance.
