Management, compliance & auditing May 20, 2021 Ben Hartwig CCPA vs CalOPPA: Which one applies to you and how to ensure data security compliance Follow the California Consumer Privacy Act and the California Online Privacy Protection Act for data security compliance.
Management, compliance & auditing May 20, 2021 Kenneth Magee IT auditing and controls – planning the IT audit [updated 2021] Performing an IT audit is important to understand your security strengths and weaknesses.
Management, compliance & auditing May 18, 2021 Patrick Mallory Finding security defects early in the SDLC with STRIDE threat modeling [updated 2021] Threat modeling via the STRIDE model can help reduce the effect of security attacks.
Management, compliance & auditing May 13, 2021 Patrick Mallory Cyber threat analysis [updated 2021] Learn about what a cyberthreat is.
Management, compliance & auditing April 19, 2021 Patrick Mallory Rapid threat model prototyping: Introduction and overview Choosing a form of threat modeling can help protect your organization from security threats.
Management, compliance & auditing March 11, 2021 Howard Poston Commercial off-the-shelf IoT system solutions: A risk assessment The Internet of Things (IoT) is growing rapidly. IoT devices provide convenience and can be a more efficient and cost-effective solution to a variety of different...
Management, compliance & auditing March 9, 2021 Patrick Mallory A school district’s guide for Education Law §2-d compliance During the 2014-2015 fiscal year, the New York State Education Department enacted Education Law §2-d, which includes a series of provisions designed to enhance...
Management, compliance & auditing March 8, 2021 Kenneth Magee IT auditing and controls: A look at application controls [updated 2021] Portions of this article, including many of the definitions and terminology, have been sourced and summarized from ISACA.org and course materials published...
Management, compliance & auditing February 15, 2021 Howard Poston 6 key elements of a threat model Threat modeling is a process for threat discovery and risk management. Any system carries potential risk, and a clear understanding of these risks is essential...
Management, compliance & auditing February 11, 2021 Howard Poston Top threat modeling frameworks: STRIDE, OWASP Top 10, MITRE ATT&CK framework and more Threat modeling is an exercise designed to identify the potential threats and attack vectors that exist for a system. Based upon this information, it is possible...