Mission Possible: Turning Compliance Into Tangible Security

Jul 23, 2021 8:54:56 AM By Stu Sjouwerman

The average compliance document is dozens to hundreds of pages long and includes numerous controls. And you’re expected to meet all those controls to regulatory satisfaction. The problem ...

How to Get The Most Out of Your Compliance Platform

Jul 1, 2021 10:48:01 AM By Lecio DePaula

What do some of the world's biggest organizations have in common? Is it a superior product, better management, or more funding? While all of these factors can play a role in the success ...

Turning Compliance Into Tangible Security

Jun 23, 2021 1:44:50 PM By Roger Grimes

Compliance and security are supposedly about risk management. Both seek to reduce the chances that threats and their risks will be able to successfully exploit a target. But they are ...

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

Jan 7, 2021 10:55:23 AM By Stu Sjouwerman

SolarWinds and some of its executives have been accused of lying to shareholders about its security. In a class-action lawsuit filed by shareholders Solarwinds, outgoing CEO Keven ...

[Heads Up] Was SolarWinds Really A Daisy Supply Chain Attack?

Jan 7, 2021 8:50:50 AM By Stu Sjouwerman

The NYT just reported the next revelation regarding the SolarWinds hack. The Russian FSB may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic.

Brand-New Tool: Is your organization ready for the new CMMC compliance audit? Find out now!

Nov 3, 2020 8:27:23 AM By Stu Sjouwerman

You already have challenging compliance requirements and having enough time to get your audits done is a continuous problem.

Security Awareness Training Compliance and .GOV

Oct 17, 2020 9:55:32 AM By Stu Sjouwerman

A customer sent me the following observation which is something I have been trying to get across for the last 10 years: "I found this interesting – and potentially disconcerting. This ...

See How You Can Get Audits Done in Half the Time at Half the Cost

Oct 6, 2020 12:30:36 PM By Stu Sjouwerman

You told us you have challenging compliance requirements, not enough time to get audits done, and keeping up with risk assessments and third-party vendor risk is a continuous problem.

[On-Demand] The Critical Need to Improve Your Compliance Processes

Sep 22, 2020 7:00:00 AM By Stu Sjouwerman

You know that compliance is an important requirement but can also be time-consuming and fraught with risk. Still, most organizations have not implemented the processes and tools necessary ...

New Compliance Management Features Now Available in the KCM GRC Platform

Aug 6, 2020 8:00:00 AM By Stu Sjouwerman

We're excited to announce new updates and features to our KCM GRC platform to make managing your compliance projects even easier! KCM GRC helps you get your audits done in half the time, ...

How To Get And Stay Compliant With The New California Consumer Privacy Act (CCPA):

Jul 8, 2020 11:27:36 AM By Stu Sjouwerman

California's new AB 375 privacy law is not as bad as GDPR, but the details are still in flux. CCPA does not have some of GDPR's most scary requirements like the very short 72-hour window ...

If you don’t meet the CMMC specifications, you will no longer be able to compete for the DoD’s business

Jul 6, 2020 10:08:34 AM By Stu Sjouwerman

The Cybersecurity Maturity Model Certification (CMMC) is a new US Department of Defense (DoD) standard for implementing best practices throughout the defense industrial base, which ...

Six Security Questions You Should Keep in Mind for Third Parties

Feb 6, 2020 8:23:45 AM By Jelle Wieringa

Organizations are beginning to understand the consequences of a data breach or a phishing attack and the negative impact they can really have. But what are the security risks for third ...

Confront Apprehensive Compliance Before Disaster Strikes

Jan 22, 2020 8:36:35 AM By Joanna Huisman

This blog is co-written by Aimee Laycock and Joanna Huisman When it comes to fostering a more secure environment it’s not a question of wanting to…it’s more like YOU HAVE TO. ...

December Content Update: Includes New Versions of Email Exposure Check Pro and Phishing Security Test Tools

Jan 8, 2020 5:36:43 PM By Stu Sjouwerman

Here are a few important updates to share with you from the month of December.

[LEGAL ALERT] What You May Have Overlooked in the Run Up to CCPA Compliance

Dec 27, 2019 12:04:30 PM By Stu Sjouwerman

LAW.COM had a very good reminder that you really need to keep in mind. Here is an extract: "With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some ...

99 Percent Of All Misconfigurations In The Public Cloud Go Unreported

Sep 28, 2019 8:22:58 AM By Stu Sjouwerman

Charlie Osborne at ZDNet wrote: "Today's data breaches often seem to be caused not just by malware infections or external threat actors, but human error, insiders with an ax to grind, and ...

Financial Phishing Campaigns on the Rise

Aug 29, 2019 7:01:35 AM By Stu Sjouwerman

More than 1900 new potential bank phishing sites were registered in the first half of 2019, according to researchers at NormShield. Based on the increase in new suspicious domains ...

British Airways Hit With Record $229 Million GDPR Fine Following 2018 Data Breach

Jul 8, 2019 1:56:02 PM By Stu Sjouwerman

U.K.-based airline British Airways (BA) is facing a record fine of £183 million ($229 million) after suffering a cyberattack in September last year. The U.K. Information Commissioner’s ...

Is Compliance Security’s Worst Enemy?

Jun 24, 2019 7:14:00 AM By Stu Sjouwerman

KnowBe4’s Data-Driven Defense Evangelist, Roger Grimes, explains why compliance and security are not aligned, and why compliance actually hurts security.