If you’re a product or service organization that handles client data, you should seriously consider getting a SOC 2 audit. Larger companies that contract your services...
For years, a common rule-of-thumb said your security spending should be around 10% of your company’s IT budget—but that rule doesn’t quite hold up anymore. In fact, a...
A security program takes time to build. But you need one, no matter the size of your company, so, if you have to, start small. It's better than procrastinating and...
The gravest risk to your data is taking an ad hoc approach to security instead of implementing a carefully thought-out security program. Creating a security policy...
Molson Coors suffered a cyber-attack on March 11, 2021, that disrupted "its brewery operations, production, and shipments." By early April, the company reported to...
Ransomware attacks are big news right now. According to US Secretary of Homeland Security Alejandro Mayorkas, ransomware attacks are up a whopping 300% over the last...
The SPIO platform helps small companies build, mature, and document their security programs. We designed the SPIO platform around the NIST 800-53 standard. It's the...
When we start talking about security programs and standards, we need to also talk about security compliance. Unfortunately, these terms can start to blur together. To...
Protecting your company requires a robust security program with documented policies and processes; but without consistent, thorough execution of those policies, your...
Every company has valuable assets vulnerable to hackers. The size or stage of the company doesn't matter. All companies bear some degree of cybersecurity risk....