Integrating ISO 27001 with other ISO Standards: Preparing for Long-Term Security and Compliance


We are big believers in packaging your compliance needs into a single, effective standard within your organization. It doesn’t make any sense to double up on work, and streamlining compliance across multiple standards makes your efforts better and faster. 

In light of that, we’re discussing how you can streamline some of your existing ISO compliance standards. This means seeing how your hard work in the ISO 27001 standard can complement other common ISO frameworks.

 


The Digital Supply Chain and Security Flaws in the R Programming Language


We use the term “the digital supply chain” regularly because enterprise and government businesses rely heavily on it. The relationships between vendors, cloud providers, software, and customers are so deeply intertwined that it’s impossible to avoid the big picture: security is a complex activity that can span dozens of entities.

A recently discovered flaw in the R programming language (which you may or may not have heard of) has introduced a severe security threat, along with a CVE designation, that experts are patching. But how does a small problem in a programming environment threaten major tech companies like Google and Microsoft?

 


The Kaiser Data Breach and the Importance of HIPAA for Vendor Relationships


Unfortunately, HIPAA data breaches are increasingly common. Kaiser Permanente, one of the largest healthcare insurance providers in the U.S., recently reported a massive exposure of millions of patient records (Protected Health Information, or PHI). 

This unfortunate event also serves as a learning moment for companies that may not understand how to avoid such unintended consequences.

 
