Cyber Risk and Privacy

How HITRUST Certification Can Satisfy Your SOC 2, ISO 27001, and FedRAMP Requirements

The HITRUST CSF pulls from many major pre-existing frameworks to provide a complete, certifiable security standard. Learn about the many different cybersecurity frameworks that can be incorporated into your organization’s HITRUST assessment to help streamline your approach to compliance.

What is Zero Trust?

There is no one-size-fits-all solution for security, so the best way to lessen the threat surface is to implement a zero trust architecture. To determine if pursuing a zero trust architecture is the right move for your organization, you need to understand its purpose, benefits, and challenges.

Survey Says: Compliance Programs Largely Immune to the Pandemic

The business and compliance landscape seems to constantly evolve. Between new cybersecurity threats and the increasing use of a distributed workforce, it’s hard for organizations to ensure they’re staying on top of compliance requirements. And the COVID-19 pandemic made this more challenging. At least that’s what we thought. 

CPRA vs. CCPA: What’s the Difference? 6 Key Changes to Understand

Less than one year after the CCPA took effect, California passed another consumer privacy law: the CPRA. Here are six changes to help you understand CPRA vs. CCPA. 

The A-LIGN Advantage: Unify Your Audit Experience across Multiple Standards with a Single-Provider Approach

The emergence of automated security and compliance solutions still leaves organizations with a problem: these point solutions are unable to provide independent third-party certification.

Three Best Practices to Prevent a Supply Chain Attack at Your Organization

The SolarWinds supply chain attack rocked governments and businesses alike in late 2020. Help keep your organization safe with these three key steps.

Go Beyond the Privacy Policy

Each year, Data Privacy Day is an opportunity for organizations of all sizes to think about their privacy posture.

AWS Audit Manager: Accelerating the Audit Lifecycle

Earlier this month, Amazon Web Services (AWS) announced a new offering: AWS Audit Manager. This product was built to simplify the risk and compliance process for AWS customers – which is a big deal these days as cybersecurity audits take up more and more time from CISOs and IT Security teams.

4 Miscellaneous HITRUST Regulatory Factors to Consider

Over the last few blogs, we have provided a comprehensive overview of the HITRUST landscape, from the authoritative sources at its core, to the optional regulations, or regulatory factors, that are commonly added on to a HITRUST assessment for industry-specific purposes.  

How European Companies Can Accelerate International Expansion with SOC 2 Compliance

The United States represents an attractive market for many European companies, but international expansion can be fraught with risk because of a completely different regulatory landscape. 
