How to Lead a Cybersecurity Initiative

by Sarah Harvey / June 14, 2023

Are you a CISO, CCO, ISO, or member of the IT department that’s building and leading a cybersecurity strategy? Don’t know where to start? The foundation of a cybersecurity strategy should be built on basic principles of security – patch management, risk assessment, network monitoring, vulnerability management. From there, you must cultivate awareness of the evolving threat landscape, observe regulatory responses, continue to train and invest in your team, and…

GDPR Fundamentals: Data Protection Officers

by Mark Hinely / April 5, 2023

Most organizations that are required to comply with GDPR will have a Data Protection Officer (DPO). The requirement to have a DPO applies if you are a public authority, if your regular activities require large-scale and systematic monitoring, or if your core activities consist of large-scale processing of special categories of data.

Qualifications of a Data Protection Officer

When hiring a DPO, GDPR specifies that the individual must have…

Business Continuity and Disaster Recovery: How to Avoid a Crash Landing

by Randy Bartels / June 14, 2023

I Piloted an Emergency Landing, and So Can You

It can be easy to put business continuity and disaster recovery planning on the back burner if your organization has never been affected by a disaster. But what would happen if a power outage, tornado, or data breach hit your organization and you didn’t have any plan in place? Disaster strikes when you’re least expecting it. It’s critical that you ensure…

5 Questions to Ask When Choosing Your Audit Partner

by Sarah Harvey / September 13, 2023

What would it cost you if your top client was not satisfied with the quality of your audit? In the current threat landscape, it’s absolutely crucial for organizations to find information security audit firms who take risk factors, security and privacy obligations, and cybersecurity seriously. In order to successfully protect your data and your reputation, you must first choose an audit firm. This can be an overwhelming task, but it’s…

GDPR Fundamentals: Roles Under the Law – Controllers, Processors, and Joint Controllers

by Mark Hinely / April 5, 2023

GDPR divides responsibilities for organizations processing personal data based on their role, so determining which role your organization plays is one of the first steps towards GDPR compliance. You cannot know what your requirements or obligations under the law are until you do so. There are three major roles under GDPR: controllers, processors, and joint controllers. Let’s discuss what each of these roles means and how your organization can determine…