Security Awareness Training Blog

Compliance Blog

Compliance news as it relates to cybersecurity, who it affects, and how to stay compliant.

Try the new Compliance Audit Readiness Assessment today for the NIST Cybersecurity Framework

When it's time to complete a compliance audit of your cybersecurity readiness plan, are you thinking, "Ugh, is it that time again?"

Don't Just Have a Compliance Season, Have a Culture of Compliance

“We want compliance training to be impactful like your security awareness training.”

[On-Demand] Strategies to Achieve Compliance and Real Risk Reduction at the Same Time

Organizations like yours use regulatory guides and compliance frameworks as the foundation of their list of controls. You can easily have many hundreds to thousands of controls to create ...

Try the New Compliance Audit Readiness Assessment Today for the SSAE18 Framework

When it's time to complete a compliance audit, are you thinking, "Ugh, is it that time again?" And, as more organizations demand proof that their data is protected in the cloud, keeping ...

Engaging Your Remote Workforce: Go Beyond Compliance with Training

Even after the pandemic ends, many employees say they want to stay home and continue to work remotely. A recent study by McKinsey & Company that looked at over 800 jobs in nine ...

[On-Demand Webinar] Conducting Data Protection Impact Assessments on Your Cloud Environments

Whether you're creating a new product, going through mergers & acquisitions, or significantly changing a process in your organization, new processing activities can present high risk.

Mission Possible: Turning Compliance Into Tangible Security

The average compliance document is dozens to hundreds of pages long and includes numerous controls. And you’re expected to meet all those controls to regulatory satisfaction. The problem ...

How to Get The Most Out of Your Compliance Platform

What do some of the world's biggest organizations have in common? Is it a superior product, better management, or more funding? While all of these factors can play a role in the success ...

Turning Compliance Into Tangible Security

Compliance and security are supposedly about risk management. Both seek to reduce the chances that threats and their risks will be able to successfully exploit a target. But they are ...

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

SolarWinds and some of its executives have been accused of lying to shareholders about its security. In a class-action lawsuit filed by shareholders, SolarWinds, outgoing CEO Kevin ...

[Heads Up] Was SolarWinds Really A Daisy Supply Chain Attack?

The NYT just reported the next revelation regarding the SolarWinds hack. The Russian FSB may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic.

Brand-New Tool: Is your organization ready for the new CMMC compliance audit? Find out now!

You already have challenging compliance requirements and having enough time to get your audits done is a continuous problem.

Security Awareness Training Compliance and .GOV

A customer sent me the following observation which is something I have been trying to get across for the last 10 years: "I found this interesting – and potentially disconcerting. This ...

See How You Can Get Audits Done in Half the Time at Half the Cost

You told us you have challenging compliance requirements, not enough time to get audits done, and keeping up with risk assessments and third-party vendor risk is a continuous problem.

[On-Demand] The Critical Need to Improve Your Compliance Processes

You know that compliance is an important requirement but can also be time-consuming and fraught with risk. Still, most organizations have not implemented the processes and tools necessary ...

New Compliance Management Features Now Available in the KCM GRC Platform

We're excited to announce new updates and features to our KCM GRC platform to make managing your compliance projects even easier! KCM GRC helps you get your audits done in half the time, ...

How To Get And Stay Compliant With The New California Consumer Privacy Act (CCPA):

California's new AB 375 privacy law is not as bad as GDPR, but the details are still in flux. CCPA does not have some of GDPR's most scary requirements like the very short 72-hour window ...

If you don’t meet the CMMC specifications, you will no longer be able to compete for the DoD’s business

The Cybersecurity Maturity Model Certification (CMMC) is a new US Department of Defense (DoD) standard for implementing best practices throughout the defense industrial base, which ...

Six Security Questions You Should Keep in Mind for Third Parties

Organizations are beginning to understand the consequences of a data breach or a phishing attack and the negative impact they can really have. But what are the security risks for third ...

Confront Apprehensive Compliance Before Disaster Strikes

This blog is co-written by Aimee Laycock and Joanna Huisman. When it comes to fostering a more secure environment, it’s not a question of wanting to…it’s more like YOU HAVE TO. ...