Michelle Ofir Geveye
Michelle Ofir Geveye
Mastering the German Federal Data Protection Act (BDSG-New): A Deep Dive
On May 25, 2018, Germany entered a new era of data protection. On that day, the GDPR…
The Goals of Security Compliance
Do you find yourself tempted to postpone your compliance duties? The sighs and eye-rolls that often accompany…
Comprehensive Third-Party Risk Assessment Checklist for Robust Risk Management
Third-party partnerships require a careful balancing act to navigate the complexities inherent in external collaborations. Let’s delve…
Workforce Risk Management: Strategies for Mitigating Employee-Related Risks
People are the backbone of every business, but they generate significant risk. Employee-related exposures, such as health…
Safeguarding Your Business From Social Media Risks
Social media is the avenue to foster connections, nurture relationships, and amplify your brand’s voice across a…
Leveraging NIST OSCAL to Provide Compliance Automation: The Complete Guide
What is OSCAL? OSCAL provides a traceable and machine-readable data format for capturing and sharing security information.…
How Will DORA Affect the Board of Directors?
How DORA is Transforming the Management’s Role in Financial Services EU’s Digital Operational Resilience Act (DORA) ushers…
Understanding the Florida Digital Bill of Rights
Florida Senate Bill 262 has passed in the Republican-led Florida legislature. The Florida Privacy Act attempts to…
New Jersey Privacy Act 2024: What to Expect
NJDPA 2025 Update The New Jersey Data Protection Act (NJDPA) went into effect on January 15, 2025.…
CJIS Compliance Checklist: Are You Meeting All the Requirements?
What is the CJIS? The Criminal Justice Information Services was established by the FBI in 1992 as…
Substantive Testing vs. Control Testing: Unveiling the Difference
The goal of audit testing procedures in financial reporting is to gather enough relevant evidence to reasonably…
Best Practices in Audit Management Process
What is Audit Management? Audit management is the oversight, governance, and established procedures that help you manage…
Understanding the Regulatory Technical Standards (RTS) and Implementing Technical Standards (ITS) of DORA
The financial industry eagerly awaits the release of the second batch of draft regulatory technical standards (RTS)…
Future of Compliance: 2024's Essential Cybersecurity Insights
Compliance Trends and Timeline for Regulations in 2024 From data security standards to privacy laws and emerging…
What Do You Do if You Have a Third-Party Data Breach
Data breaches have become an unfortunate reality in today’s digital landscape, affecting organizations of all sizes. In…
7 Steps to Measure ERM Performance
The distinction between enterprise risk management (ERM) and traditional risk management is more than semantics. The simplest…
How Do You Quantify Risk? Best Techniques
Categorizing risks as high, medium, or low has been the go-to method for organizations seeking to prioritize…
Protecting Endpoints in an Evolving Threat Landscape
Imagine your digital environment as a bustling metropolis, with every user, application, and system contributing to the…
Data Privacy in the United States: A Recap of 2023 Developments
2023 marked a surge in comprehensive state data privacy laws. At the beginning of the year, only…
Introduction to the NIST AI Risk Management Framework (AI RMF)
Unlike general cybersecurity concerns, whose primary focus is thwarting threats and vulnerabilities, AI risk management introduces a…
NIS2 Framework: Your Key To Achieving Cybersecurity Excellence
With the introduction of NIS2, the European Union has moved beyond the GDPR’s focus on data protection…
How to Get PCI DSS Certification?
The purpose of PCI DSS is simply to ensure that all companies that accept, process, store or…
How to Conduct a Vulnerability Assessment
Ignorance can be costly when safeguarding your cloud or hybrid networks. Today’s security teams face the challenge…
The Benefits of Employing AI in GRC
The narrative of technology surpassing human intelligence and altering the course of humanity is a recurring theme…
Understanding the Key Differences Between TPRM and GRC
Organizations face multifaceted governance, risk management, and compliance challenges in today’s dynamic business environment. These challenges necessitate…
Why a Zero Trust Security Policy Matters and Steps to Implementation
Understanding Zero Trust Traditionally, cybersecurity operated on a simple principle: trust what’s inside, be wary of what’s…
What is the Difference Between DORA and GDPR?
What is DORA? DORA, or the Digital Operational Resilience Act, marks a transformative milestone in financial regulation.…
Achieving DORA Compliance in Your Organization
What is DORA (Digital Operational Resilience Act)? DORA is a groundbreaking EU regulation designed to enhance the…
Why is Threat Modeling So Important in 2024?
There’s an old saying — an ounce of prevention is worth a pound of cure. Nowhere does…
Top 5 Strategies for Vulnerability Mitigation
Whether you are an SMB looking for advice as to where to start with security vulnerability management…
