Managing Third-Party Data Security

Third-Party Data Security: Assessing Risk and Ensuring Compliance
Information security within an organization can be complex. Factoring in the additional risk posed by sharing information with third parties makes matters infinitely more complicated for enterprises. What should you consider when looking for a vendor? Once you’ve established a relationship, how can you better control security...

What Awaits in 2018? Cybersecurity Trends & Hot Topics

2017 was a year of cybersecurity breaches that ran the gamut from the world of video games to once-trusted credit bureaus. At the beginning of the year, video gaming communities, Xbox 360 and Sony PlayStation were hit in separate attacks. Hackers gained access to users’ private information as well as email addresses, usernames, and passwords....

2018 Security Strategies for CISOs

What Cybersecurity Threat Keeps You up at Night? From government agencies to technology companies, retail stores to organizations in the healthcare industry, cybersecurity breaches cause a devastating loss of data, customers, and money every year. The constant state of threat can make a breach seem not just possible, but inevitable. However, this doesn’t have to...

How to Prevent IoT Security Threats

The Importance of Building a Security Program for IoT
We live in an age of “smart” everything, from smartphones to smart televisions. Even our alarm systems and printers are connected to the Internet, remotely accessible with just the touch of a few buttons. This added convenience creates added security risks, as Sony discovered when hackers...

GDPR Compliance | A Data Privacy Program is Necessary

The Key to Ensuring GDPR Compliance? A Data Privacy Program. If your organization does business in Europe or works with European clients, you may be aware of the EU’s work to create a standardized set of data protection regulations. This framework, known as GDPR (General Data Protection Regulation), gives individuals greater control over their personal...

CISO Suggestions for the Equifax Breach [One-Page Facts Sheet Included]

CISO Suggestions for the Equifax Breach
By now, most people are somewhat familiar with the facts of the Equifax data security breach. Millions of people had their social security numbers, credit card numbers, addresses, and other personal information stolen. The aftermath has been one of anger, confusion, and a feeling of extreme anxiety – not...

General Data Protection Regulation (GDPR) | Overview, Benefits, Rules, and What it Means for Your Organization

What Is the General Data Protection Regulation (GDPR) and How Does It Affect My Organization? If your organization deals with the processing of personal data, maintaining the security and privacy of that data should be an organization’s top priority. The regulation of data security and privacy is constantly changing, and organizations must be aware of...

CIO Perspective | Top 10 Tips to Improve Your Information Security Program

Perspective from a Seasoned CIO: Top 10 Tips to Improve Your Information Security Program
Author: Mike Gentile with Cameron Cosgrove
As security practitioners who have built hundreds of security programs for organizations around the world, the team at CISOSHARE is able to provide a unique perspective on what it takes to design an effective information...

10 Signs You Should Invest in an Information Security Program

Why Should You Invest in an Information Security Program? Imagine the following: your business is doing well and things are spinning along at a perfect pace. You read about another information security threat making the news, but you have remained untouched by any major mishaps. You may wonder, “Why invest in a security program?”....

About NIST 800-171 And The Additional Requirements Laid Out By The DFARS

NIST 800-171: Is Your Organization Prepared? When an organization works with government agencies such as the Department of Defense (DoD), protecting sensitive information is key. A whole host of rules and regulations govern how third parties must handle such information, and failure to ensure compliance could result in loss of government contracts. Starting in December...