Truvantis Blog » CISO
134 FOLLOWERS
Thoughts and insights on Cyber Security, Privacy, and Information Security programs including how to reduce risk through Risk Assessments, PCI DSS compliance, HIPAA, ISO27001, NIST800-53, CIS Controls, vulnerability assessments, and penetration testing. Truvantis is a cybersecurity consulting organization providing best-in-class cybersecurity services to secure your organization's..
Truvantis Blog » CISO
8M ago
Everyone is aware Cybersecurity is a necessity. And regardless of how mature or lacking your current cybersecurity program is, the constantly changing landscape makes it challenging to stay on top of. From potential concerns related to an economic ..read more
Truvantis Blog » CISO
8M ago
The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is a widely recognized security framework that HITRUST developed in 2007 to provide a roadmap to compliance for programs like ISO/IEC 27001 and HIPAA. HITRUST CSF ..read more
Truvantis Blog » CISO
1y ago
You likely need a risk assessment for compliance. PCI DSS 4.0, SOC2, ISO 27001, NIST, HIPAA, and other standards require a risk assessment as a fundamental part of a robust security program— and they're right to make this fundamental analysis a ..read more
Truvantis Blog » CISO
1y ago
All organizations face the challenges of new cybersecurity and privacy laws, a sharp increase in cybersecurity litigation, and the ceaseless evolution of ransomware and cyber-threats. As a result, mature risk management and IT security team have ..read more
Truvantis Blog » CISO
1y ago
"Compliance is NOT Security" You hear this common lament from security professionals, "Compliance is not security." This remark has always sounded like an excuse to me. I suppose the reason is that most people who utter this phrase always seem to ..read more
Truvantis Blog » CISO
1y ago
The fact that each state in the U.S. seems to have specific privacy laws with no central comprehensive federal law makes it difficult to know what privacy regulations apply to your organization. Therefore, navigating the privacy legal waters ..read more
Truvantis Blog » CISO
1y ago
One of the best ways to demonstrate the suitability of your Information Security Management System (ISMS) to your organization, customers, and partners is to achieve a globally recognized certification. The ISO 27001 certification is also a ..read more
Truvantis Blog » CISO
1y ago
One of the best ways to demonstrate the suitability of your Information Security Management System (ISMS) to your organization, customers, and partners is to achieve a globally recognized certification. The ISO 27001 certification is also a ..read more
Truvantis Blog » CISO
1y ago
The Data Protection Officer (DPO) is a role required by the EU General Data Protection Regulation (GDPR). If your organization is subject to GDPR and meets the large-scale data handling factors, you need a DPO. What can you do if you don't have an ..read more
Truvantis Blog » CISO
1y ago
Not every business can internally support the staffing and resources necessary to independently develop robust cybersecurity and privacy programs. Fortunately, you can partially or fully outsource to trusted partners the jobs of CISO and IT security ..read more