With COVID-19, always-online eCommerce and the migration to remote, distributed workforces, IT security is more important now than ever. In some industries, regulations can dictate the privacy and security requirements that every organization must meet. In others, those regulations may be less rigorous or even non-existent. That’s why many organizations turn to additional frameworks to shore up their approach to security. That’s where SOC 2 comes in. 

Service Organization Control (SOC) is a standard put into place by the American Institute of Certified Professional Accountants (AICPA) to help financial institutions protect client and customer data. Because the framework is robust and focused, many organizations opt to achieve certification as part of a larger security and customer relationship strategy. 

In 2022, after such dynamic shifts in our lives (particularly those tied to digital information), SOC 2 is more important than ever. Specifically, the five Trust Criteria can serve as the backbone of modern privacy and compliance strategies. 

Read More

It’s a new year, and with a new year come new security challenges and new takes on old favorites. While phishing, social engineering, and state-sponsored attacks are still significant issues, new machine learning innovations support better security efforts. But emerging attack vectors like IoT objects are shifting the cybersecurity battleground into new and unknown territory. 

Here are some of the top trends we see down the road in 2022. 

Read More

The California Consumer Protection Act (CCPA) was a landmark law passed in California to support data privacy and consumer rights. As time has marched onward, new technologies and insights from stakeholders have introduced new approaches to the challenges addressed by CCPA. That’s why Proposition 24, the California Privacy Rights Act (CPRA), was drafted and passed into law. 

With the provisions of CPRA set to become operative on January 1 of 2022, businesses must understand the shift from CCPA to CPRA.

Read More