Legal

Family Affair: Using ISO 27001 to conform to ISO 27017 and ISO 27018

ISO 27000 Family – Information Security Management Systems The ISO 27000 family of standards is related to an organization’s information security management systems, or ISMS. This international standard helps organizations by providing a clear set of requirements that can be used to manage the security of the business’ assets. An…

Read More

Outline of Guidance for PCI DSS Scoping and Network Segmentation

In order to clarify scoping and network segmentation principles in PCI DSS, the PCI SSC has released additional guidance in order to help organizations identify what systems are considered in scope for PCI DSS assessments. This guidance was developed by industry experts and the PCI SSC Board of Advisors in…

Read More

Phishing 201: What are the Different Types of Phishing Attacks?

In our initial blog, Phishing 101, we covered the basics of phishing, including what phishing is and how to prevent it. Today, we will cover the different types of phishing attacks that your organization could be vulnerable to. Types of Phishing Deceptive phishing Deceptive phishing is the most common…

Read More

Social Engineering 101: What is Phishing and How do I Prevent It?

What is Phishing? Phishing is a series of communications that are sent in order to deceive individuals to provide sensitive information. Phishing can take the form of email messages, website forms, or phone calls and can be designed to reveal different information.  This information can take the form of: Credit…

Read More

FedRAMP vs. FISMA: Choosing the Right Standard for Your Federal Clients

When pursuing federal clients or servicing existing federal clients, there are a number of unique compliance needs due to the sensitivity of the federal information. Standards such as FedRAMP and FISMA exist to create consistent security standards for organizations seeking federal agency clientele. FISMA, or the Federal Information Security Management…

Read More