The domain of artificial intelligence (AI), particularly generative AI (GenAI), is brimming with intriguing potential for companies all over the world. conversational AI bots, open-source large language models (LLMs), and specialized models are now ubiquitous in organizations. However, the rapid advancement and widespread adoption of these tools is creating substantial challenges when it comes to […]
Data security news & resources
DLP requirements & controls + implementation (ISO 27001:2022)
All security folks are familiar with ISO 27001. This powerhouse of a standard is the paradigm of information security excellence, designed to help organizations keep data safe, prevent cyber-attacks and manage security threats through the creation of an information security management system. Beyond just being good for cybersecurity, ISO 27001 is also vital for business […]
A quick-start guide to data compliance for startups
It’s a well-known fact in the security community that compliance and privacy should be built into operations, software and culture from the ground up. While organizations that have been around for decades don’t have the luxury of doing this, startups are perfectly placed to bake in compliance from the outset. Curious how to do it? […]
What is changing in ISO 27001 with 2022 updates?
ISO 27001-2002 has implemented 93 new controls spanning from threat intelligence to data governance controls. A higher bar has been set.
Hiring a compliance analyst? 5 traits to look for
A good compliance team can make the difference between a company that is successful vs not. Risks related to reputation, enterprise, technology, people, third party are just some of the areas that a compliance team gets involved in. Finding the right candidate is challenging but keeping these traits in mind can help look for good […]
What is ISO 27701? How is it different from ISO 27001?
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) are recognized internationally as authorities on management systems and best practice. ISO/IEC has become a gold standard to satisfy privacy, compliance and security posture especially as it relates to fintechs and healthcare providers. It is a great way to prove your compliance to […]
SOC2, ISO or HIPAA Compliance: False Sense of Security
In the US alone, the overall cost of healthcare breaches in 2019 was US$ 11.8 billion (£9.2 billion) – more than double the 2018 figure, & healthcare breach discovery time is the longest for any industry. Technology and process audits such as SOC2, ISO and HIPAA compliance certificate often creates a false sense of security […]