Cyber Leaders of the World: Marc Johnson, CISO at Impact Advisors
Please tell us a bit about yourself, your background, and your journey of becoming a CISO at…
Immediate Actions to Reduce the Cyber Attack Surface
What Is an Attack Surface? Your “attack surface” is a susceptible area comprised of points in a…
What are the Cyber Security Risks of ChatGPT?
ChatGPT 3 Speaks For Itself The internet is so laden with content about this new wizard, there’s…
Cyber Leaders of the World: Craig Williams, CISO at Secure Data Technologies
Please tell us a bit about yourself, your background, and your journey of becoming a CISO at…
Best Ways To Make GRC Work When Budget is Tight
We’ve all seen it: Compliance teams deluged by regulatory requirements, constant red alerts about software vulnerabilities that…
Connecticut Data Privacy Act: Everything You Need to Know
Background to the CTDPA On May 10, 2022, Connecticut enacted a comprehensive data privacy law, making it…
SIG Security Questionnaire: Everything You Need to Know
What is the SIG Questionnaire? The SIG, short for “Standardized Information Gathering (Questionnaire)”, standardizes the assessment of…
Understanding and Applying Health Industry Cybersecurity Practices
The Health Industry Cybersecurity Practices (HICP) was created to integrate effective cybersecurity strategies into a healthcare organization’s…
Cyber Leaders of the World: Bill Genovese, CIO Advisory Partner at Kyndryl
Please tell us a bit about yourself, your background, and your journey of becoming a CIO Advisory…
What are the Implications of ChatGPT for InfoSec?
What does ChatGPT have in store for information security? Will the artificial intelligence-powered chatbot empower the information…
NIST Cybersecurity Framework 2.0: Tailoring to the Needs of Industry
The NIST CSF is Scheduled For a Makeover The NIST Cybersecurity Framework is a set of standards,…
Cyber Leaders of the World: Dr. Brian Callahan, Graduate Program Director & Lecturer at [email protected], and CISO at PECE
Please tell us a bit about yourself, your background, and your journey of becoming a CISO at…
Mapping HIPAA to ISO 27001: A Comprehensive Guide
Two Foundational Frameworks: ISO 27001 and HIPAA With the growing number of risks in the information security…
Centraleyes Product Webinar: Cyber Insurance
Centraleyes’s dedicated Cyber Insurance solution helps onboard new clients, quantify cyber risk, and actively helps your customers…
4 Practical Risk Mitigation Techniques To Apply to Your Business
Whether you are an SMB looking for advice as to where to start with risk management or…
Using the Hierarchy of Cybersecurity Needs for Incident Response
Abraham Maslow was a humanistic psychologist, which put him in a different bucket than other psychologists you…
Cyber Leaders of the World: Chris Grundemann, Research Category Lead for Security and Risk at GigaOm
Please tell us a bit about yourself, your background, and your multiple endeavors, including your role as…
How Much Does SOC 2 Type Compliance Cost?
One of your biggest questions regarding a SOC 2 audit is whether it fits in your budget.…
The Simple Guide To Maine Privacy Law
Background of the Maine Privacy Law In 2019, Maine became the first state in the nation to…
What Are the Main Benefits of Network Access Control Solutions?
Business networks are constantly evolving, and new attack vectors emerge at an astonishing rate. Network managers need…
The Complete Guide for IRS Publication 4557 - Safeguarding Taxpayer Data
Background to the IRS Publication 4557 Data Thefts Are on the Rise in the Tax Industry. Identity…
Third Party Risk Management Software: The Essential Elements and Features
The need for TPRM Solutions Today In today’s hybrid ecosystem of cloud computing, remote employment, and global…
The ISO 27001:2022 Update - Everything You Need To Know With Changes Listed
The release of the newly revised and renamed ISO 27001:2022 has been highly anticipated, although it doesn’t…
Cyber Leaders of the World: Barak Blima, CISO at CHEQ
Please tell us a bit about yourself, your background, and how you got into the cybersecurity industry.…
North Dakota Privacy Law: What You Need To Know
During the 2019 legislative session in North Dakota, a bill (HB1485) was introduced by Representative Kasper-Fargo to…
An Introduction to the Hawaii Consumer Privacy Protection Act
Here’s an interesting fact about the Hawaii bill of rights: The Hawaii constitution lists the word “privacy”…
What is Maryland’s Personal Protection Act?
Maryland’s PIPA (Personal Information Protection Act) was enacted in May 2022 to ensure that Maryland consumers are…
California Privacy Rights Act: What You Need to Know
Origins of the CPRA Mactaggart, a real estate developer in the California Bay Area, started worrying about…
New Jersey Privacy Act: What to Expect
The last couple of years have seen a wave of state privacy law proposals across the United…
What is Cybersecurity Risk Posture and Why Do I Need It?
“Stand straight.” It’s a directive we’ve all heard at some point in our lives and is worth…
What is the California Privacy Rights Act (CPRA)?
California has some of the strictest data protection legislation in the United States. CPRA deals with the…
Compliance Audit Trails: Why They're So Important
The growing body of stringent data privacy laws has pushed for better methods of evidence collection and…
What is Vendor Risk Assessment? The Definitive Guide for 2023
What are Vendor Risk Assessments? Vendor assessment is the process of assessing and identifying risks posed by…
Preparing for ISO 27002:2022 - What Do the Changes Mean for You?
What is ISO 27002:2022? Before we get started, let’s take a minute to explain exactly what ISO…
Cyber Risk Dashboard: The Metrics That Have Value for the Board of Directors
The Board Reporting Challenge Reporting the state of security at a board meeting can lead to confusion.…
Centraleyes Goes Live with Dedicated Risk Framework for Small Business Based on NIST 7621
Centraleyes announces the addition of NIST 7621 to its extensive framework library. The NIST 7621 framework provides…
The Importance of a Remote Access Policy
What Is a Remote Access Policy? As new digital waves continue to engulf the business landscape, remote…
Best Ways to Reduce Compliance Costs and Still Stay Compliant
The Third Digital Wave The digital transformation of the last few decades has completely changed the way…
Top Cybersecurity Threats to Prepare for Before 2023
Is Cyber 2023 Stuff of Movies? We often think of modern cybersecurity as a movie scene with…
Supply Chain Risk Management Explained
What is a Supply Chain? A supply chain is composed of multiple companies, vendors, and suppliers all…
Centraleyes Goes Live with the Latest Version of ISO 27001 2022 Standard
The ISO 27001 standard is internationally accepted as a specification for an Information Security Management System (ISMS).…
The Full NIST 800 53 Checklist: How to Prepare for an Audit
The NIST 800-53 Revision 5 provides a catalog of security and privacy controls for information systems and…
Top US State Data Privacy Laws To Watch Out For in 2023
The digital era has brought new levels of attention to the privacy debate. From big data breaches…
What is the NIST 7621 Cybersecurity Framework, and How Can it Help Small Businesses?
Cyber attacks and ransomware threats on small businesses may not reach the headlines, but they pose a…
Integrated Risk Management Software: A Complete Guide
Given the myriad of risks facing businesses today, business leaders are focusing on risk management like never…
Virginia Consumer Data Protection Act: The Most Important Things to Know About
Virginia Takes a Lead in Data Privacy Just eight pages long, the VCDPA is significantly more succinct…
Cyber Leaders of the World: Tony Velleca, CEO at CyberProof and CISO at UST
Please tell us a bit about yourself, your background, and your journey of becoming the CISO of…
Common Types of Network Security Attacks and How to Prevent Them in Your Enterprise
News outlets confirm what we don’t want to know. A single cyberattack can bring a sprawling corporate…
Why is Threat Modeling So Important in 2023?
There’s an old saying — an ounce of prevention is worth a pound of cure. Nowhere does…
What is the Underlying Theory Behind the Zero Trust Security Model?
The Concept of Zero Trust In the past, companies focused security policies on controlling network perimeters, assuming…
Why Use Automated Compliance Solutions in 2023
Compliance automation has never been more important as companies face frequently updated regulations and a growing cost…
The 10 Best Compliance Podcasts You Should Listen To In 2023
Podcasts have exploded in popularity over the past several years, and it’s not difficult to see why.…
Steps to Identify Controlled Unclassified Information and Protect It
What is Controlled Unclassified Information? CUI stands for Controlled Unclassified Information. CUI is defined as government-related information…
What's New in CIS Controls v8?
CIS Controls The Center for Internet Security (CIS), a non-profit organization with a mission to develop and…
Utah Consumer Privacy Act: What Do Businesses Need To Know
In the United States, most products are regulated by federal agencies that oversee safety standards and enforce…
Why Spreadsheets Don’t Work for Managing Risk Assessments
Microsoft Excel, Google Sheets, and their equivalent software programs are indispensable, and for good reason. These essential…
Colorado Privacy Act Signed Into Law: What You Need to Know
Privacy law is a trending topic in the United States. In the shadow of groundbreaking GDPR laws…
How To Perform a Successful GRC Gap Analysis
Gap analysis is a starting point for a business to compare its current state of information security…
Enhance Your Cyber Maturity With ITSM Integration and Automated Remediation
Centraleyes makes your data actionable and enhances your cyber maturity by automatically creating remediation workflows whenever a…
How to Build a Successful GRC Program to Help Reduce Your Risk Posture
Watch this special, collaborated webinar session where Sagar Shah, Senior Manager of GRC at Corvus Insurance, and Yair Solow,…
Ensure Your Ongoing Compliance With Automatic Framework Reassessment Tasks
Periodically reassessing your frameworks can be crucial to ensure your ongoing compliance and risk posture. With Centraleyes…
How to Manage Company Compliance During Recession: Complete Checklist
Since the 2008 recession, we’ve seen years of mostly low inflation, declining interest rates, and healthy stock…
New Data Privacy Law: Steps Organizations Should Take to Update Their Data Inventory for 2023
State legislatures across the US have been on a roll in introducing omnibus privacy bills. During the…
7 Steps to Accelerate Your Cyber Risk Remediation Initiative
The digitization of the modern workplace has emphasized the importance of cybersecurity for businesses everywhere. Cyber threats…
Cyber Leaders of the World: Rob Black, CEO and Founder of Fractional CISO
Please tell us a bit about yourself, your background, and how you got into the cybersecurity industry.…
The Problem With Heat Maps
Some of you are likely inclined to dismiss that idea outright. Traditionally, organizations that use a heat…
Continuous Control Monitoring: Why is it So Important?
Security teams are tasked with the job of assuring that business risks are securely managed and that…
Stay in the Know With a Full Activity Log of Your Assessment Collection
The Centraleyes platform offers a full audit trail of all of the activities contained within your assessments,…
Add a New Entity to Perform Your Assessment in 10 Seconds
Creating a new entity in the Centraleyes Multi-Entity 1st Party module provides you with another layer of…
Struggling to Fix Cyber Governance? Here Are the Most Powerful Strategies
Definition of Cyber Governance Cyber security governance provides a strategic view of how an organization controls its…
Pros and Cons of Continuous Compliance Solutions
Compliance Audit Woes Compliance audits are STRESSFUL. IT teams work overtime and overnight to collect evidence of…
Cloud Compliance: Best Practices for Success
Race to the Cloud Cloud migration is not just a quick shift from traditional network systems to…
Guide to Cloud Security Risk Management
Cloud computing is transforming enterprises and e-commerce markets globally, thanks to its scalability and flexible usage. Within…
Cyber Risk Quantification
If there’s one thing that’s certain in the expanding digital world, it’s that nothing is certain. Unseen…
Risk Quantification: Why Quantifying Is Only the First Step to Effective Risk Management
Breaches have never been more expensive. Don’t believe us? See for yourself. The average data breach cost…
The Difference Between Due Diligence and Due Care in Cybersecurity
Due diligence and due care are commonly used interchangeably, but in the world of cybersecurity, they have…
Cyber Leaders of the World: Zachary Lewis, CISO at the University of Health Sciences and Pharmacy in St. Louis
Please tell us a bit about yourself, your background, and your journey of becoming a CISO for…
The Ongoing Need for Cyber Insurance
Cyber Insurance is not a new concept — it has existed in one form or another since…
Managing 4th Party Risk in Your Enterprise: A Step by Step Guide
Supply chains have never been more complex and intertwined. The result is a network of vendors and…
How to Stay Secure and Compliant in a World of Regulatory Turmoil
Watch this special, collaborated webinar session where industry experts from Netsurit and Centraleyes meet at an intriguing…
Centraleyes Announces the Addition of NIST 800-53 to its Expanding Framework Library
Centraleyes announces the addition of NIST 800-53 to its extensive framework library. NIST 800-53 was created to…
Centraleyes Adds the HECVAT Risk Assessment to its Expanding Framework Library
Centraleyes announces the addition of the Higher Education Community Vendor Assessment Toolkit (HECVAT) to its extensive framework library.…
A GRC Framework: 5 Tips for Building a Successful One
The GRC Revolution Unlike many catchphrases in the cyber dictionary, GRC (governance, risk, and compliance) is not…
Cyber Leaders of the World: Dan Wilkins, CISO at the State of Arizona
Please tell us a bit about yourself, your background, and your journey of becoming a CISO for…
Centraleyes Maps the FFIEC to its Expanding Control Inventory
Centraleyes announces the addition of the Federal Financial Institutions Inspection Council (FFIEC) to its expanding framework library.…
Inflation Impacts Cyber Data-Loss: Here’s What You Need to Know
Inflation is already impacting organizations worldwide, and its impact on the cost of cybersecurity incidents must be…
Cyber Data Loss: 4 Best Ways to Avoid
Data is the life force of business today. What would happen to a business if it was…
Everything You Need to Know About ESG Risk Assessment Tools
The way that your company conducts itself has never been more critical. Approximately 76% of consumers say…
Everything Startups Must Know About Compliance [Guide]
Most startups fail, so how can yours succeed? It’s a complex answer, but part of that answer…
New SEC Cybersecurity Reporting Requirements: Impact on Public Companies
The SEC Proposes New Cybersecurity Standards In March 2022, the SEC (Securities and Exchange Commission) released the…
Best Practices for Cyber Risk Quantification
The days of cybersecurity being a job exclusively for IT are over. In the past, data security…
The G in ESG: Why Governance Is So Important
The days of businesses thinking exclusively in terms of revenue are over. Now more than ever, companies…
Centraleyes Announces the Addition of NYDFS to its Expanding Framework Library
Centraleyes announces the addition of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation to its…
Top 3 Benefits of Cybersecurity Incident Response Plan
Cyber incidents are at the forefront of executives’ minds, earning the number one spot in a recent…
Cyber Leaders of the World: Sagar Narasimha, CISO at Amagi
Please tell us a bit about yourself, your background and your journey of becoming a CISO I…
Vulnerability Management vs. Risk Management: Everything you Need to Understand
Risk management and vulnerability management are often used interchangeably, but they are two different practices. Risk management…
Centraleyes Maps PCI DSS to its Expanding Control Inventory
Centraleyes announces the addition of PCI DSS to its extensive framework library. The PCI DSS refers to…
How to Improve Your Vendor Cybersecurity Questionnaire
Evaluating your vendors, partners, and suppliers’ cybersecurity posture has never been more critical. Unfortunately, around 45% of…
Vendor Security Risk Management Best Practices You Need to Know
Risk management has become necessary for organizations worldwide, regardless of industry or size. Vendor risk management, often…
5 Ways Security Leaders Can Scale GRC Programs
Governance, risk, and compliance (GRC) programs have become essential to the modern business landscape across all industries.…
Supply Chain Vendor Risk Assessment: The Definitive Guide
Organizations increasingly rely on third-party suppliers to support critical business functions. This upward trend has accelerated in…
Top 5 Strategies for Vulnerability Mitigation
Whether you are an SMB looking for advice as to where to start with security vulnerability management…
What Does Cyber Insurance Cover — And Why Do You Need It?
A 2021 report from IBM Security indicates that the cost of a single data breach reached $4.24…
Centraleyes Adds ISO 22301 to its Extensive Framework Library
Centraleyes announces the addition of the ISO 22301 Business Continuity Management Framework to its expanding framework library.…
Why Managing Cyber Risk Is Business Critical Today
Businesses have been investing in cybersecurity for decades, but cybercrime hasn’t gone away. Instead, the opposite has…
Operational Risk Management: Benefits and Challenges
Businesses across all industries face risks throughout their operations. Risks can target nearly every aspect of your…
Cyber Leaders of the World: Seema Sharma, Global Head of Information Security & Data Privacy at Servify
Please tell us a bit about yourself, your background, and your journey in Servify I have 15+…
Compliance Evidence Collection for Security Assurance Best Practices
Maintaining compliance isn’t just about avoiding fines — it’s about following frameworks designed to keep your company’s…
Critical Elements of Vendor Risk Management Automation
The most important step in managing your vendors and supply-chain is to build an effective and scalable…
How Security Ratings Can Help Guide Cybersecurity Performance Management
Cybercrime has been growing at an alarming rate, and executives are now aware. Approximately 55% of enterprise…
Best Practices for Security Compliance Management
Cybersecurity frameworks exist to provide a unified security standard for organizations to follow to protect their data,…
Cyber Leaders of the World: Shay Siksik, VP of Customer Experience at XM Cyber
Please tell us a bit about yourself, your background and your journey at XM Cyber As a…
Cybersecurity Insurance Alone Isn’t Enough: Here’s Why
Cybercrime is expected to total $10.5 trillion annually by 2025. So it’s understandable why organizations seek out…
Centraleyes Integrates the South African Protection of Personal Information Act with its GRC Platform
Centraleyes announces the addition of the new South African data privacy framework, the Protection of Personal Information…
Inherent vs. Residual Risk: What's the Difference?
It’s estimated that cybercrime collectively costs organizations $16.4 billion per day, or $190,000 per second. Evaluating risks,…
PCI Audit – Checklist & Requirements
What is a PCI Audit? The Payment Card Industry Data Security Standard, known widely as PCI DSS,…
Centraleyes Adds the Secure Controls Framework to its Expanding Framework Library
Centraleyes announces the addition of the Secure Controls Framework (SCF) to its expanding framework library. The Secure…
6 Steps to Successful Risk Management for Insurance Companies
With escalating threats to cybersecurity, businesses are searching for ways to supplement traditional security and to protect…
How to Get PCI DSS Certification?
The purpose of PCI DSS is simply to ensure that all companies that accept, process, store or…
5 Reasons Why B2B Startups Need SOC 2 Compliance
A smart step for any startup looking to close enterprise deals and take their company to the…
Top UAE Cybersecurity Conferences in 2022
Organizations across all industries are becoming increasingly aware of the need for modern cybersecurity techniques to protect…
5 Best Tips to Perform a Successful IT Risk Assessment
Cybersecurity has never been more critical than it is today. A new cyber attack starts every 40…
The Top Cybersecurity Breaches in the UAE
The global cost of cybercrime was estimated at US$6.1 trillion in 2021 and is expected to keep…
Centraleyes Integrates the Cyber Resilience Review Assessment to its next-gen GRC Platform
Centraleyes announces the addition of the Cyber Resilience Review (CRR) security assessment to its expanding framework library.…
Internal Controls and Data Security: Minimize Your Security Risk
The need for internal controls in a security program is crucial. They ensure you have proper measures…
Centraleyes Announces the addition of the UAE IA Compliance Regulation to its Framework Library
Centraleyes has recently announced the addition of the UAE IA compliance regulation to its expanding framework library.…
What Is an Executive Summary in Cyber Security Risk Reporting?
When you want to communicate with another person, the clearest way is to speak the same language.…
Centraleyes Adds ISO 27701 to its Framework Library
Centraleyes is excited to announce the addition of ISO 27701 security standard to its expanding framework library.…
Data Privacy vs. Data Security: What is the Main Difference?
Data is big business these days. You don’t need to look further than Google’s advertising program to…
What Is Risk Mitigation? Success-Driven Strategies & Insights You Need to Know
Operating and growing a business has seemingly endless moving pieces. Ongoing research and development, creating effective marketing…
Centraleyes Integrates OWASP MASVS to its Framework Library
Centraleyes is happy to announce the addition of OWASP MASVS security standard to its expanding framework library.…
Quantify Financial Risk With Centraleyes Platform Primary Loss Calculator
Quantifying financial risk when it comes to risk management is quite a difficult task. One of the most…
Centraleyes Identified as an Outperformer and a Challenger in the GigaOm GRC Radar Report
Centraleyes reaches yet another milestone, being identified as an Outperformer in the Challenger group of the 2022…
Centraleyes Partners with UAE-based distributor, Evanssion, to bring local presence in a key market as part of its global expansion plans
Centraleyes announces its latest strategic partnership with UAE-based, value-added distributor, Evanssion. Evanssion is now promoting the Centraleyes next…
Centraleyes Adds Insider Risk Mitigation Security Standard to its Framework Library
Centraleyes is happy to announce the addition of the Insider Risk Mitigation security standard to its expanding…
Centraleyes Partners with Netsurit, Leading Global IT and Digital Transformation Managed Service Provider
Centraleyes announces its latest strategic partnership with New York-based, global IT and digital transformation managed service provider,…
Cover Your Entire Environment With Centraleyes's Risk Application Assessments
The Centraleyes platform can be leveraged to run application assessments for various apps and software that are…
Communicate Cyber Risk With Your Executives in an Intuitive, Beautifully Visualized Board Reporting
The Centraleyes Boardview module is a game-changer in Executive Reporting! The platform allows you to create faster,…
Centraleyes Announces the Addition of PIPL to its Framework Library
Centraleyes is happy to announce the addition of the Personal Information Privacy Law (PIPL) of China to…
Centraleyes Updates Newly Released CMMC 2.0 in its Framework Library
Centraleyes is excited to announce the upgrade of the new CMMC version 2.0 in its extensive framework…
Centraleyes Maps the Nevada Revised Statutes to its Control Inventory
Centraleyes is proud to announce the addition of the Nevada Revised Statutes (NRS), Chapter 603A to its…
Stay on Top of Your Vendors' Cyber History With In-Depth External Scans
The Centraleyes platform offers a source of automated intelligence data feeds, which complements the self-attestation collection made…
Centraleyes Adds the Ransomware Readiness Assessment Model to its Framework Library
Centraleyes is excited to announce the addition of the Ransomware Readiness Assessment (RRA) Model to its expanding…