%term

From spreadsheets to programmatic risk registers

May 1, 2025 By Richa Tiwari In TrustCloud

Technical leaders and risk management professionals are frequently confronted with the challenge of transitioning from outdated, manual methods towards scalable, automated solutions in the dynamic landscape of modern risk management. The evolution from traditional spreadsheet-based risk registers to contemporary programmatic risk registers epitomizes this shift.

Read Post

TrustCloud

Read more about From spreadsheets to programmatic risk registers

VantaCon UK 2024 | The State of Trust in AI World

Apr 30, 2025 By Vanta In Vanta

Security and compliance experts share their insights and analysis of Vanta’s State of Trust Report in this panel discussion.

View Video

Vanta

Read more about VantaCon UK 2024 | The State of Trust in AI World

Understanding the Opportunity: DORA and NIS 2 Compliance for MSPs

Apr 30, 2025 By WatchGuard Technologies In WatchGuard

Stephen Helm presents on the opportunity for MSPs on the new DORA and NIS 2 compliance requirements.

View Video

WatchGuard

Read more about Understanding the Opportunity: DORA and NIS 2 Compliance for MSPs

Top 5 HIPAA Pitfalls That Lead to PHI Leaks on Websites

Apr 30, 2025 By Feroot In Feroot

Maintaining HIPAA compliance on healthcare websites is crucial for protecting PHI (Protected Health Information) and upholding patient privacy. The Health Insurance Portability and Accountability Act (often referred to in short form as HIPAA or the portability and accounting act) was introduced in the United States to address the health insurance portability, security, and accountability requirements within the healthcare industry.

Read Post

Feroot

Read more about Top 5 HIPAA Pitfalls That Lead to PHI Leaks on Websites

Security Threats to Payroll Data: How Can Your Firm Manage Them?

Apr 30, 2025 By SecuritySenses In SecuritySenses

In modern, connected workplaces, security is a perpetual concern. Some departments in your organization handle high-risk information, such as personal employee data and company finances. Any data breach can bring on a reputational crisis and endanger internal strategic approaches. In February 2025, HR Dive reported the impact of a data breach at an employee screening services provider. The breach affected an unnerving 3.3 million people, leaking people's names and financial account information. Social Security numbers and other ID numbers also got compromised.

Read Post

SecuritySenses

Read more about Security Threats to Payroll Data: How Can Your Firm Manage Them?

Egnyte CMMC Compliance Overview

Apr 29, 2025 By Egnyte In Egnyte

Cybersecurity Maturity Model Certification (CMMC) is a certification program that’s required for all U.S. Department of Defense (DoD) contractors to ensure they have the necessary controls to protect sensitive information. CMMC is anticipated to appear in DoD contracts as early as mid-2025. Egnyte provides an EgnyteGov secure data enclave to help manage CUI and FCI and to help you achieve compliance. Sign up for our CMMC consultation to learn how Egnyte can help with your CMMC compliance journey, so you can continue bidding on DoD contracts.

View Video

Egnyte

Read more about Egnyte CMMC Compliance Overview

AI and Compliance with Adam Winston

Apr 29, 2025 By WatchGuard Technologies In WatchGuard

This week on the podcast, we bring in Adam Winston, former CSO of ActZero and current Field CTO for Managed Services at WatchGuard to discuss automating the SOC with AI. We cover the history of AI in SecOps, the good and bad applications of AI and Machine Learning, what the future looks like, and how compliance might impact our ability to get there.

View Video

WatchGuard

Read more about AI and Compliance with Adam Winston

Why Secure Custom Application Development Is a Must for Modern Businesses

Apr 29, 2025 By SecuritySenses In SecuritySenses

Security isn't just a technical concern anymore it's a core part of doing business. Many companies find themselves relying on pre-built software that wasn't designed with their specific risks or workflows in mind. These off-the-shelf tools may offer basic functionality, but they often lack the control, adaptability, and protection modern teams need. That's why more organizations are investing in custom application development: to build systems that fit their operations and protect what matters most.

Read Post

SecuritySenses

Read more about Why Secure Custom Application Development Is a Must for Modern Businesses

4 lessons learned during our ISO 42001 audit

Apr 28, 2025 By Vanta In Vanta

Vanta is proud to be one of the first companies to achieve ISO 42001 compliance with our audit partner Schellman, an ANSI-accredited ISO 42001 auditor. ‍ To prepare for and pass our audit, our team worked diligently to assess our specific business needs, communicate clearly with stakeholders and AI leadership, and complete formal training to learn how to develop, integrate, and deploy trustworthy AI systems in line with emerging laws and policies.

Read Post

Vanta

Read more about 4 lessons learned during our ISO 42001 audit

Essential Strategies for HIPAA Compliance and Ransomware Resilience

Apr 28, 2025 By Trustwave In Trustwave

Neglecting regulatory compliance obligations, whether intentional or not, is not just a procedural error but a direct invitation for significant financial penalties, operational disruption, and, in the case of a healthcare organization, creating a potentially life-threatening situation. These consequences were recently illustrated by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR).

Read Post