What Is Risk?


Part 1: Risk and Security in Modern Systems

“Risk” is a term gaining real traction in any industry where cybersecurity regulations impact businesses. Many frameworks and regulations are turning to risk management as a proactive and comprehensive approach to security management. This shift can mean big changes for enterprises that aren’t generally considering risk as part of their security profile.

This article is the first in a series of articles related to risk management as a challenge for modern businesses. Throughout this series, we will cover several topics related to risk management in modern business:

  • Why is risk management becoming the focus of cybersecurity?
  • Is abstract risk management detrimental to companies that would benefit from clearly defined standards?
  • How does risk management apply to both enterprise and small businesses alike?
  • Is there a way to implement risk management with a standards-first approach?
  • Are there platforms, visualization tools, etc., that can change how we look at risk management?


PCI DSS 4.0 Is Coming… What Should Businesses Expect?


After several delays and timeline shifts to accommodate vendor and auditor feedback, the Payment Card Industry Security Standards Council will release the newest version of the framework, PCI DSS 4.0. This standard, expected to launch at the end of March 2022, will fundamentally alter some key components of the framework to help support payment acceptance for modern devices and consumers. 

Here is what we are expecting to come down the pipeline once PCI 4.0 hits the market. 

 


What Are Carve-Out and Inclusive Auditing Methods for SOC Reporting?


SOC audits are some of the most common non-regulatory audits in the U.S. These attestations provide companies with a way to demonstrate their dedication to transparent and secure financial reporting and protecting consumer information. Accordingly, SOC reporting can become an in-depth and complicated task that is rendered even more complicated when factoring in subservice providers. 

We’ll cover two ways to account for subservice provider services in your financial and IT infrastructure: carve-out and inclusive reporting. 

 
