NIST CSF
May 18, 2021
Centraleyes’s Resource Center
Centraleyes Provides You With Various Resources
On the Different Industries And Services
Resources | Blog
Steps to Identify Controlled Unclassified Information and Protect It
What is Controlled Unclassified Information? CUI stands for Controlled Unclassified Information. CUI is defined as government-related information…
What's New in CIS Controls v8?
CIS Controls The Center for Internet Security (CIS), a non-profit organization with a mission to develop and…
Utah Consumer Privacy Act: What Do Businesses Need To Know
In the United States, most products are regulated by federal agencies that oversee safety standards and enforce…
Why Spreadsheets Don’t Work for Managing Risk Assessments
Microsoft Excel, Google Sheets, and their equivalent software programs are indispensable, and for good reason. These essential…
Colorado Privacy Act Signed Into Law: What You Need to Know
Privacy law is a trending topic in the United States. In the shadow of groundbreaking GDPR laws…
How To Perform a Successful GRC Gap Analysis
Gap analysis is a starting point for a business to compare its current state of information security…
How to Manage Company Compliance During Recession: Complete Checklist
Since the 2008 recession, we’ve seen years of mostly low inflation, declining interest rates, and healthy stock…
New Data Privacy Law: Steps Organizations Should Take to Update Their Data Inventory for 2023
State legislatures across the US have been on a roll in introducing omnibus privacy bills. During the…
7 Steps to Accelerate Your Cyber Risk Remediation Initiative
The digitization of the modern workplace has emphasized the importance of cybersecurity for businesses everywhere. Cyber threats…
The Problem With Heat Maps
Some of you are likely inclined to dismiss that idea outright. Traditionally, organizations that use a heat…
Continuous Control Monitoring: Why is it So Important?
Security teams are tasked with the job of assuring that business risks are securely managed and that…
Struggling to Fix Cyber Governance? Here Are the Most Powerful Strategies
Definition of Cyber Governance Cyber security governance provides a strategic view of how an organization controls its…
Pros and Cons of Continuous Compliance Solutions
Compliance Audit Woes Compliance audits are STRESSFUL. IT teams work overtime and overnight to collect evidence of…
Cloud Compliance: Best Practices for Success
Race to the Cloud Cloud migration is not just a quick shift from traditional network systems to…
Guide to Cloud Security Risk Management
Cloud computing is transforming enterprises and e-commerce markets globally, thanks to its scalability and flexible usage. Within…
Cyber Risk Quantification
If there’s one thing that’s certain in the expanding digital world, it’s that nothing is certain. Unseen…
Risk Quantification: Why Quantifying Is Only the First Step to Effective Risk Management
Breaches have never been more expensive. Don’t believe us? See for yourself. The average data breach cost…
The Difference Between Due Diligence and Due Care in Cybersecurity
Due diligence and due care are commonly used interchangeably, but in the world of cybersecurity, they have…
The Ongoing Need for Cyber Insurance
Cyber Insurance is not a new concept — it has existed in one form or another since…
Managing 4th Party Risk in Your Enterprise: A Step by Step Guide
Supply chains have never been more complex and intertwined. The result is a network of vendors and…
Why Use Automated Compliance Solutions in 2022
Compliance automation has never been more important as companies face frequently updated regulations and a growing cost…
A GRC Framework: 5 Tips for Building a Successful One
The GRC Revolution Unlike many catchphrases in the cyber dictionary, GRC (governance, risk, and compliance) is not…
Inflation Impacts Cyber Data-Loss: Here’s What You Need to Know
Inflation is already impacting organizations worldwide, and its impact on the cost of cybersecurity incidents must be…
Cyber Data Loss: 4 Best Ways to Avoid
Data is the life force of business today. What would happen to a business if it was…
Everything You Need to Know ESG Risk Assessment Tools
The way that your company conducts itself has never been more critical. Approximately 76% of consumers say…
![Everything Startups Must Know About Compliance [Guide]](https://www.centraleyes.com/wp-content/uploads/2022/08/Blog_post_-_Everything_That_Startups_Must_Know_About_Compliance.jpg)
Everything Startups Must Know About Compliance [Guide]
Most startups fail, so how can yours succeed? It’s a complex answer, but part of that answer…
New SEC Cybersecurity Reporting Requirements: Impact on Public Companies
The SEC Proposes New Cybersecurity Standards In March 2022, the SEC (Securities and Exchange Commission) released the…
Best Practices for Cyber Risk Quantification
The days of cybersecurity being a job exclusively for IT is over. In the past, data security…
The G in ESG: Why Governance Is So Important
The days of businesses thinking exclusively in terms of revenue are over. Now more than ever, companies…
Top 3 Benefits of Cybersecurity Incident Response Plan
Cyber incidents are at the forefront of executives’ minds, earning the number one spot in a recent…
Vulnerability Management vs. Risk Management: Everything you Need to Understand
Risk management and vulnerability management are often used interchangeably, but they are two different practices. Risk management…
How to Improve Your Vendor Cybersecurity Questionnaire
Evaluating your vendors, partners, and suppliers’ cybersecurity posture has never been more critical. Unfortunately, around 45% of…
Vendor Security Risk Management Best Practices You Need to Know
Risk management has become necessary for organizations worldwide, regardless of industry or size. Vendor risk management, often…
5 Ways Security Leaders Can Scale GRC Programs
Governance, risk, and compliance (GRC) programs have become essential to the modern business landscape across all industries.…
Supply Chain Vendor Risk Assessment: The Definitive Guide
Organizations increasingly rely on third-party suppliers to support critical business functions. This upward trend has accelerated in…
Top 5 Strategies for Vulnerability Mitigation
Whether you are an SMB looking for advice as to where to start with security vulnerability management…
What Does Cyber Insurance Cover — And Why Do You Need It?
A 2021 report from IBM Security indicates that the cost of a single data breach reached $4.24…
Why Managing Cyber Risk Is Business Critical Today
Businesses have been investing in cybersecurity for decades, but cybercrime hasn’t gone away. Instead, the opposite has…
Operational Risk Management: Benefits and Challenges
Businesses across all industries face risks throughout their operations. Risks can target nearly every aspect of your…
Compliance Evidence Collection for Security Assurance Best Practices
Maintaining compliance isn’t just about avoiding fines — it’s about following frameworks designed to keep your company’s…
Critical Elements of Vendor Risk Management Automation
The most important step in managing your vendors and supply-chain is to build an effective and scalable…
How Security Ratings Can Help Guide Cybersecurity Performance Management
Cybercrime has been growing at an alarming rate, and executives are now aware. Approximately 55% of enterprise…
Best Practices for Security Compliance Management
Cybersecurity frameworks exist to provide a unified security standard for organizations to follow to protect their data,…
Cybersecurity Insurance Alone Isn’t Enough: Here’s Why
Cybercrime is expected to total $10.5 trillion annually by 2025. So it’s understandable why organizations seek out…
Inherent vs. Residual Risk: What's the Difference?
It’s estimated that cybercrime collectively costs organizations $16.4 billion per day, or $190,000 per second. Evaluating risks,…
PCI Audit – Checklist & Requirements
What is a PCI Audit? The Payment Card Industry Data Security Standard, known widely as PCI DSS,…
5 Steps of the Risk Management for Insurance Companies
With escalating threats to cybersecurity, businesses are searching for ways to supplement traditional security and to protect…
How to Get PCI DSS Certification?
The purpose of PCI DSS is simply to ensure that all companies that accept, process, store or…
5 Reasons Why B2B Startups Need SOC 2 Compliance
A smart step for any startup looking to close enterprise deals and take their company to the…
Top UAE Cybersecurity Conferences in 2022
Organizations across all industries are becoming increasingly aware of the need for modern cybersecurity techniques to protect…
5 Best Tips to Perform a Successful IT Risk Assessment
Cybersecurity has never been more critical than it is today. A new cyber attack starts every 40…
The Top Cybersecurity Breaches in the UAE
The global cost of cybercrime was estimated at US$6.1 trillion in 2021 and is expected to keep…
Internal Controls and Data Security: Minimize Your Security Risk
The need for internal controls in a security program is crucial. They ensure you have proper measures…
What Is an Executive Summary in Cyber Security Risk Reporting?
When you want to communicate with another person, the clearest way is to speak the same language.…
Why is Threat Modeling So Important in 2022?
There’s an old saying — an ounce of prevention is worth a pound of cure. Nowhere does…
The 10 Best Compliance Podcasts You Should Listen To In 2022
Podcasts have exploded in popularity over the past several years, and it’s not difficult to see why.…
Data Privacy vs. Data Security: What is the Main Difference?
Data is big business these days. You don’t need to look further than Google’s advertising program to…
What Is Risk Mitigation? Success-Driven Strategies & Insights You Need to Know
Operating and growing a business has seemingly endless moving pieces. Ongoing research and development, creating effective marketing…
Preparing for your SOC 2 Audit - Do’s and Don’ts
Legend has it that SOC 2 is one of the most challenging audits out there, achievable only…
Everything You Need to Know About UK Cyber Essentials
What is UK Cyber Essentials? Cyber Essentials is a government-backed scheme that was created to help organisations…
What Is SOC 2 Automation Software and Why It's Necessary
In its quest to specify how organizations should manage their customers’ data, the American Institute of CPAs…
Business Impact Assessment vs. Risk Assessment: What's the Difference?
Does your business have a disaster recovery plan? If not, it should. In today’s threat-rich business landscape,…
Examining the Cybersecurity Risks of the Russia-Ukraine Conflict
We are living in an era of digital warfare, and have been for quite some time. Threat…
The SOC 2 Compliance Checklist for 2022
SOC 2 is the gold standard in Information Security certifications and shows the world just how seriously…
The Best of Both Worlds: Why Modern Risk Management Demands a Hybrid Approach
An ounce of prevention is worth a pound of cure. Decision-makers would do well to remember this.…
CMMC v2.0 vs NIST 800-171: Understanding the Differences
The U.S. Defense Industrial Base (DIB) Sector is the worldwide industrial complex that enables research and development,…
How to Integrate an ESG Framework into Your Risk Management Plan
Every aspect of a business is affected by ESG from its very inception through to production and…
Benefits of Automating SOC 2 Compliance and Why Is It Important?
Achieving a gold medal has always involved stamina, perseverance, hard work and determination. Achieving this gold-standard compliance…
How Automating Audit Workflows Streamlines the Process
Every audit will involve an official inspection and thorough examination of your company: its IT systems, networks,…
Everything You Need To Know About The New York Privacy Act 2021
Finding a balance between the need to handle personal information and protecting the privacy of individuals can…
What is the Massachusetts Data Privacy Law (MIPSA)?
Unlike Europe and its GDPR (General Data Privacy Regulation), the United States doesn’t have a blanket set…
What Are the Elements of an Effective GRC Program?
The landscape of risks and threats your business now faces is more complex than it’s ever been.…
ESG Risk Management: How to Conduct Risk Assessments, Analyze and Prioritize
As far back as the early 1900s, special laws and government agencies were beginning to pop up…
How IT Risk Management Impacts Your Organization
No business is without risk — and anyone who believes otherwise is due for a rude awakening. …
Why Every Business Needs a Cybersecurity Incident Response Plan
Imagine if you knew someone was about to break into your house. With adequate time to prepare,…
Top Cybersecurity & Third-Party Risk Management Trends to Follow in 2022
The aftershocks of the disruption created by the coronavirus will be felt for years to come. Almost…
Why Board Members Should care about ESG Compliance Software
Environmental, Social and Governance (ESG) issues are a regular part of mainstream consciousness and are continuously gaining…
How to Implement a Vulnerability Management Program — and Why You Need One
Between the shift to distributed work, the growth of the Internet of Things, and the troubling surge…
How Do You Choose a GRC Platform for Your Company?
Every great company has a sound business plan. It encompasses knowledge and expertise, evaluates the market, calculates…
What Does Compliance Automation Enable for Your Business?
Compliance has long been a thorn in the side of IT departments — not in the least…
GRC vs. IRM: A New Approach to Risk Management
The Internet of Things is growing at a breakneck pace, with the total number of connected devices…
How To Develop a Cybersecurity Risk Management Plan
Cybercrime is on the rise in virtually every industry. Today’s businesses are facing an unprecedented threat landscape…
How Insurance Companies Can Leverage Cyber Risk Management
Last year set multiple records for cyber crime, and none of them were good. DDoS attacks soared…
FAIR Model Risk Management - Pros and Cons
Information risk is not just a technical problem but affects the bottom line and daily activities of…
Top Benefits of Effective 3rd Party Vendor Risk Management
Today’s businesses don’t operate in a vacuum. To maintain high standards of efficiency, supply chains everywhere need…
How To Create an Effective Vendor Management Program
Vendors are an essential component of your organization and many times now a true extension of your…
What Role Does Cyber Insurance Play in Risk Management?
What do you think of when you hear about commercial insurance? Your first thought may be liability…
Top 5 Cybersecurity Tips for Your Organization During the Holidays
The holiday season gives malicious actors the perfect opportunity to attack your organization’s systems to obtain sensitive…
M&A Cybersecurity Due Diligence Best Practices: What You Need to Know
Mergers and acquisitions (M&A) are intended to boost the value of your brand or business when you…
Cyber Risk Management For Investment Portfolios: Why Private Equity Firms Should Pay Attention
The goal of any investment is to generate a positive return on that investment—so that part’s obvious.…
Centraleyes New Release Introduces Next-Gen Enterprise Risk Register to the Platform
With our most recent update to Centraleyes, we’ve introduced a next-generation risk register that allows clients full…
How the OWASP Application Security Verification Standard Helps Improve Software Security
A short time ago, we announced our integration of OWASP ASVS into our cyber risk management platform.…
Top 10 US State Data Privacy Laws To Watch Out For in 2022
The digital era has brought new levels of attention to the privacy debate. From big data breaches…
The Battle of the Greats: Security vs. Compliance
Security vs. compliance—that’s the million dollar question every organization is trying to answer. And thanks to the…
ESG Reporting Frameworks: Manage Your ESG Compliance Process
What is the ESG reporting framework? ESG stands for Environmental, Social and Governance. It’s become a popular…
What Is NIST Zero Trust Architecture & How to Achieve It
Modern enterprise networks and infrastructures are complex. Working with several different networks, cloud services, and remote workers…
Security Is Not a Feature - And It's Not Optional Either
Let’s face it, there’s a major flaw in the way businesses approach cybersecurity. It’s not uncommon for…
7 Security Challenges Most SaaS Businesses Comes Across
Placing data on the cloud always sounds like a great idea – many big companies are doing…
What Is a Compliance Management System? A Quick Overview
Whether you work in retail, pharmaceuticals, manufacturing, or another industry, your business must follow government regulations if…
How To Approach Cybersecurity Risk Assessment: 4 Actionable Steps
Digitization has made both our personal lives and business workflows more convenient and efficient than ever, but…
4 Critical Capabilities Your Cyber Risk Management Tools Should Have
Cybersecurity is top of mind for most businesses today. A single data breach can compromise your ability…
How to Build a Cyber Risk Assessment Matrix
When conducting a cyber risk assessment, you need to quantify the risk levels of various scenarios taking…
Why a Cyber Risk Management Solution May Be Right for You
In a world where technology has become the dominating force for every organization, and the dependency on…
The CIS Top 20 Controls: What Are the Top Level Controls?
In a world where data breaches are a daily occurrence, implementing cyber security controls that can protect…
5 Considerations for Cybersecurity Risk Management
Cybersecurity risk is a moving target which literally changes from day to day. New attack vectors, zero…
Automation in Risk Management: Readying for the Future
Risk management is a concept that has been around for many years, though we have seen a…
Explaining HIPAA in the Corona age
If your business or organization operates in the healthcare space, you are most probably familiar with HIPAA…
NIST 800-46: Securing Your Enterprise in the Work-From-Home Reality
The COVID-19 crisis has thrown up innumerable challenges for businesses. With remote working becoming part of everyday…
NIST Privacy Framework – The Next Generation of Enterprise Privacy Has Arrived
The technology sector is constantly evolving and with it, the collection, retention and use of personal data.…
Cyber Security Best Practices for Enterprises Enabling Remote Work Locations
This is the first in a series of solutions that CyGov will be providing in order to…
CMMC Explained – A New Cyber Standard for DoD Contractors
There are several factors for government departments when it comes to selecting contractors, but cyber security is…
Shifting the Paradigm – Strategy over Technology
Does this sound familiar? Utilizing legacy security tools to protect an organization with limited budgets against an…
CCPA – How to Protect Your Business as well as Your Customers
Running a company is never simple. But for companies that do business in the State of California,…
- Yair Solow on CNN
- Yair Solow on i24 News
- Yair Solow Featured on Bugy's Founder Interviews
- Centraleyes Chosen as Global Top 5 Startups of the Year - Interview
- Spotlight Q&A with Centraleyes at Safety Detectives
- Centraleyes on Cyber Ghost: Interview with Yair Solow
- New Centraleyes 4th Generation Release Officially Goes Live
- Yair Solow Featured on VPN Mentor
- CyGov Signs a Strategic Agreement with R3 (Spanish)
- Centraleyes Welcomes Co-Founder of Optiv, Dan Burns, to Its Board of Directors
- Centraleyes Continues to Expand Its Global Network of Strategic Partners with UK-based ITC Secure
- Centraleyes Introduces First Automated Risk Register
- Yair Solow Featured on Website Planet
- Trevor Failor named head of sales at CyGov
- CyGov is rebranding its platform as Centraleyes
- Cybersecurity Company Cygov Partners With Risk Management Company Foresight
- CyGov agrees strategic partnership with top 200 MSSP Cybriant
- Cyber Resilience Resource for Businesses Re-Deploying Remotely
- The Four New Pillars of Corporate Protection Yair Solow on InfoSecurity Magazine
- CyGov selected by SixThirty as Top Cyber Security Startup
- Europe's Top Cyber Security Startups
- Centraleyes Expands Automated Risk Register To Cover All Enterprise Risk
- CyGov Interviewed by MediaSet
- Eli Ben Meir's article in Security Intelligence
- CyGov Selected by WorldBank
- Eli Ben Meir OpEd in the Houston Chronicle
- Yair Solow and Eli Ben Meir Present at the SparkLabs Demoday 8
- Enhance Your Cyber Maturity With ITSM Integration and Automated Remediation
- Ensure Your Ongoing Compliance With Automatic Framework Reassessment Tasks
- Stay in the Know With a Full Activity Log of Your Assessment Collection
- Add a New Entity to Perform Your Assessment in 10 Seconds
- Quantify Financial Risk With Centraleyes Platform Primary Loss Calculator
- Cover Your Entire Environment With Centraleyes's Risk Application Assessments
- Communicate Cyber Risk With Your Executives in an Intuitive, Beautifully Visualized Board Reporting
- Stay on Top of Your Vendors' Cyber History With In-Depth External Scans
- Automate the Creation and Maintenance of a Risk Register, Saving Hours on Manual Work
- Add a New Framework and Distribute Assessments in Your Organization
- View Your Organization's Risk Scoring Through the NIST Tiering Lens
- Most Intuitive Way for Compliance With the Framework Navigation Tool
- Always Prepared for the Next Task With Automated Remediation
- Effective Team Work With Drag-and-Drop Control Assignment
- Get Real-Time Critical Alerts That are Specifically Relevant to You
- MSSPs Can Manage Multiple Clients Under One Platform
- Onboard a New Vendor in Just 30 Seconds
- Turn Hours of Work Into Seconds with Centraleyes Vendor Risk Profile
- Always Informed with Centraleyes Domain Benchmarking
- World Cup Cyber
- FTX Has Been Hacked
- Insurance Giant Settles Groundbreaking Lawsuit with Oreo Cookie Brand Mondelez
- White House Convenes Ransomware Summit
- FBI Warns of Iranian Hacking Group Ahead of Elections
- Verizon Verifies Data Breach
- Nullmixer Malware Madness
- Uber: MFA Bombing Attack
- Twitter: Don’t Shut Down- Get Better!
- Education Hit Hard by Ransomware
- Third-party Services Breached for 2.5 million Loan Application Records!
- Credential Stuffing via Residential Proxy is on the Rise!
- Meraki Firewall False Positive Triggers Microsoft 365 Outage
- Vendor Breach at Idaho Hospital
- CosmicStrand: Getting Down to the Root of the Problem
- 4 “High Impact” Security Risks for Okta
- Phishing for Credentials
- Healthcare Data Dominoes
- ToddyCat APT Aims High
- Interpol Takes Down 2000 Social Engineers
- Centraleyes Announces the Addition of NIST 800-53 to its Expanding Framework Library
- Centraleyes Adds the HECVAT Risk Assessment to its Expanding Framework Library
- Centraleyes Maps the FFIEC to its Expanding Control Inventory
- Centraleyes Announces the Addition of NYDFS to its Expanding Framework Library
- Centraleyes Maps PCI DSS to its Expanding Control Inventory
- Centraleyes Adds ISO 22301 to its Extensive Framework Library
- Centraleyes Integrates the South African Protection of Personal Information Act with its GRC Platform
- Keep China Out: Patch Network Devices ASAP
- Centraleyes Adds the Secure Controls Framework to its Expanding Framework Library
- Hijacked Whatsapp Accounts- Protect Yourself!
- Pwn2Own- Successful Hacks
- Centraleyes Integrates the Cyber Resilience Review Assessment to its next-gen GRC Platform
- The Critical F5 BIG-IP Vulnerability
- Centraleyes Announces the addition of the UAE IA Compliance Regulation to its Framework Library
- Centraleyes Adds ISO 27701 to its Framework Library
- Tricked at the Top: US Dept. of Defense
- Coca-Cola Breach: The Real Thing? 
- Dwell-Time Down, Vigilance Up!
- Centraleyes Integrates OWASP MASVS to its Framework Library
- Centraleyes Identified as an Outperformer and a Challenger in the GigaOm GRC Radar Report
- How to build a successful GRC program to help reduce your risk posture - a joint webinar with Corvus Insurance
- How to stay secure and compliant in a world of regulatory turmoil - a joint webinar with Netsurit
- Flash Webinar: Don’t Keep Your Head in the Clouds – How to Protect Yourself from Virtual Risk
- Flash Webinar: How to Know When it's Time to Build a Risk Management Program
- Enhancing Cyber Risk Management Through the Power of Automation - Boutique Webinar
- Flash Webinar: From Technical to Business Risk - How to Communicate With Your Board
- Flash Webinar: What You Can Learn From the SolarWinds Attack to Lower Your Chances of Being Breached
- Flash Webinar: Supply Chain, 3rd-Party Vendors and the Silent Assassin Among Them
- Flash Webinar: Cyber Risk Management - it Doesn't Have to Be So Painful
- Steps to Identify Controlled Unclassified Information and Protect It
- What's New in CIS Controls v8?
- Utah Consumer Privacy Act: What Do Businesses Need To Know
- Why Spreadsheets Don’t Work for Managing Risk Assessments
- Colorado Privacy Act Signed Into Law: What You Need to Know
- How To Perform a Successful GRC Gap Analysis
- How to Manage Company Compliance During Recession: Complete Checklist
- New Data Privacy Law: Steps Organizations Should Take to Update Their Data Inventory for 2023
- 7 Steps to Accelerate Your Cyber Risk Remediation Initiative
- The Problem With Heat Maps
- Continuous Control Monitoring: Why is it So Important?
- Struggling to Fix Cyber Governance? Here Are the Most Powerful Strategies
- Pros and Cons of Continuous Compliance Solutions
- Cloud Compliance: Best Practices for Success
- Guide to Cloud Security Risk Management
- Cyber Risk Quantification
- Risk Quantification: Why Quantifying Is Only the First Step to Effective Risk Management
- The Difference Between Due Diligence and Due Care in Cybersecurity
- The Ongoing Need for Cyber Insurance
- Managing 4th Party Risk in Your Enterprise: A Step by Step Guide
- Why Use Automated Compliance Solutions in 2022
- A GRC Framework: 5 Tips for Building a Successful One
- Inflation Impacts Cyber Data-Loss: Here’s What You Need to Know
- Cyber Data Loss: 4 Best Ways to Avoid
- Everything You Need to Know ESG Risk Assessment Tools
- Everything Startups Must Know About Compliance [Guide]
- New SEC Cybersecurity Reporting Requirements: Impact on Public Companies
- Best Practices for Cyber Risk Quantification
- The G in ESG: Why Governance Is So Important
- Top 3 Benefits of Cybersecurity Incident Response Plan
- Vulnerability Management vs. Risk Management: Everything you Need to Understand
- How to Improve Your Vendor Cybersecurity Questionnaire
- Vendor Security Risk Management Best Practices You Need to Know
- 5 Ways Security Leaders Can Scale GRC Programs
- Supply Chain Vendor Risk Assessment: The Definitive Guide
- Top 5 Strategies for Vulnerability Mitigation
- What Does Cyber Insurance Cover — And Why Do You Need It?
- Why Managing Cyber Risk Is Business Critical Today
- Operational Risk Management: Benefits and Challenges
- Compliance Evidence Collection for Security Assurance Best Practices
- Cyber Leaders of the World: Rob Black, CEO and Founder of Fractional CISO
- Cyber Leaders of the World: Zachary Lewis, CISO at the University of Health Sciences and Pharmacy in St. Louis
- Cyber Leaders of the World: Dan Wilkins, CISO at the State of Arizona
- Cyber Leaders of the World: Sagar Narasimha, CISO at Amagi
- Cyber Leaders of the World: Seema Sharma, Global Head of Information Security & Data Privacy at Servify
- Cyber Leaders of the World: Shay Siksik, VP of Customer Experience at XM Cyber
- Cyber Leaders of the World: Raz Karmi, CISO at SimilarWeb
- Cyber Risk Remediation
- ESG Frameworks
- FAIR Training
- Cybersecurity Architecture
- Risk Management Maturity
- Crosswalking Controls
- Attestation of Compliance (AoC)
- Cyber Attack Vector
- Information Security Governance
- Risk Prioritization
- Operational Resilience
- Digital Risk Management
- EDR Solutions
- Cyber Threat Modeling
- Information Security Management System (ISMS)
- GRC Tools
- Cybersecurity Posture
- Cybersecurity Maturity Model Certification (CMMC)
- Cybersecurity Audit
- Information Security Risk
- Supply Chain Compliance
- Compliance Automation Software
- Cybersecurity Risk Analysis
- IT Vendor Risk Management
- Cybersecurity Performance Management
- Cybersecurity Incident Disclosure
- Cyber Governance
- ESG Risk Management
- Application Risk Assessment
- Cyber Security Risk Register
- Self-assessment Questionnaire (SAQ)
- POA&M
- Zero Trust Architecture
- RMIS Software
- Vendor Management Policy
- Vendor Assessment
- Audit Trail
- Data Security Controls
- Cloud Security Compliance
- IT Security Policy
- How do you implement the NIST cybersecurity framework using ISO 27001?
- How long does it take to get SOC 2 compliance?
- Why is due diligence necessary when dealing with external vendors?
- What should be included in an incident response plan?
- What is the purpose of cyber security insurance?
- How to Develop Internal Controls to Mitigate IT Security Risks
- How is the GDPR affecting cyber risk management?
- What is the Cyber Supply Chain Risk Assessment Process?
- How do we build a privacy program?
- How Do You Evaluate Cybersecurity Risk?
- What are Cyber Security Risks in Retail?
- What Are the 5 Steps Toward HIPAA Compliance?
- What Are POA&Ms Used For?
- How to Implement ISO 27001 Controls?
- What is an Enterprise Vendor Risk Management Program?
- What is an integrated risk management (IRM) approach for a company?
- Why is third-party risk management important?
- How do you Perform a Vendor Risk Assessment?
- Last Resources
CIS Controls
June 14, 2021
Secure Controls Framework (SCF)
May 30, 2022
OWASP ASVS
June 14, 2021
CCPA
June 14, 2021
GDPR
June 14, 2021
NY SHIELD Act
June 14, 2021
ISO 27701
June 14, 2021
ISO 27001
June 14, 2021
PCI DSS
June 14, 2021
SOC 2 Type II
June 14, 2021
FFIEC
June 14, 2021
Steps to Identify Controlled Unclassified Information and Protect It
November 28, 2022
World Cup Cyber
November 24, 2022
What’s New in CIS Controls v8?
November 24, 2022
