What is GDPR and How Does it Impact Business?

Aug 12, 2021 Lazarus Alliance 0 Comment

Data privacy and protection are critical parts of any compliance framework, and few regulatory bodies take that fact more seriously than the General Data Protection Regulation, or GDPR. A law passed in the European Union in 2018, GDPR attempts to address core issues of how businesses can gather, use and manage customer data as part of their business operations without violating the rights of those customers.

While some businesses in the U.S. may not see much value in understanding GDPR, those serving EU customers are wise to better grasp the intricacies of the law and how it will impact their work in Europe.

Who Performs SOC 2 Audits? The Importance of Cybersecurity Expertise in Auditing

Jul 22, 2021 Lazarus Alliance 0 Comment

SOC 1, SOC 2 and SOC 3 SOC Audit and Assessments; we are ready when you are! Call +1 (888) 896-7580 today.

Service Organization Control (SOC) audits exist to demonstrate a business or other organization’s readiness in areas like cybersecurity, risk management, data management and other areas. These certifications, especially from SOC 2 audits, are highly sought-after because they show how dedicated your organization is to the safety and security of user data. These audits, conducted by certified SOC auditors, are intended to be a thorough and rigorous examination of your capabilities and how they promote guiding principles of security, privacy and confidentiality.

Because of the licensing and authorization structure of the SOC auditing ecosystem, however, it is sometimes difficult to understand the capabilities of an auditor. Even now, some firms advertise SOC 2 audits that take as little as 2-4 weeks!

This article attempts to dispel the myth of a rapid SOC 2 audit, and why working with trained and dedicated security firms supports better cybersecurity practices.

Mitigation Strategies for Common Attacks According to the Cybersecurity and Infrastructure Security Agency (CISA)

Jul 15, 2021 Lazarus Alliance 0 Comment

Beginning in 2019, the Cybersecurity and Infrastructure Security Agency (CISA) began releasing their Risk and Vulnerability Assessment report. This report compiled several months of testing, audits and remediation efforts carried out on behalf of federal entities. Their assessments of these stakeholders helped them identify common attack vectors, the effectiveness of these attack vectors and how IT systems were responding to these attacks.

Recently, CISA released their report for FY 2020. While some of the information in the report is insightful and informative, much of it is also becoming unfortunate common knowledge.