Blog
Understanding What GRC is and How Cybersecurity Fits Into It
Learn what GRC (Governance, Risk and Compliance) is and why cybersecurity is such an important part of a modern day GRC strategy. A well-rounded GRC strategy helps align IT with business goals, manage risks effectively and ensure compliance.
Good Cyber Hygiene and Strong Data Governance for Zero Trust Security
To implement an effective zero trust network architecture, organizations need to start with complete visibility into their data, strong data governance practices and good cyber hygiene
Understanding Sensitive Data Types and Data Protected Under HIPAA, PCI DSS
In this blog post we explore what makes particular data types sensitive, how to determine what to protect, and the specific data categories protected under HIPAA and PCI DSS.
Eight Data Protection Questions to Ask to Assess Cyber Risk
Eight crucial questions you need to ask about your data protection practices in an era when remote work is becoming the norm and sensitive data is dispersed across computing environments and geographies.
Ransomware Prevention Best Practices
Learn how to minimize the risk of ransomware and mitigate the impact of an attack if your organization is targeted. Leverage CYRISMA’s powerful features to implement essential ransomware prevention controls.
Hardware and Software Asset Inventories: Why they Matter
Learn why maintaining detailed inventories of hardware and software assets is critical to effective cyber risk management. Understand your assets to proactively manage risk and protect sensitive data.
Keeping Common Cyber Threats at Bay
Organizations can keep common cyber threats at bay by focusing on essential cybersecurity controls and getting the basics right before moving on to more complex detection strategies.
NIST CSF 2.0 – The New Govern Function
The NIST Cybersecurity Framework (CSF) version 2.0 adds a new Govern function to the CSF core. The new function includes action categories for establishing and monitoring cyber risk strategy, expectations, and policy and helps align cyber risk with overall enterprise risk.
Australia’s Essential Eight and the UK’s Cyber Essentials – An Overview
Read our overview of Australia’s Essential Eight Strategies and the UK’s Cyber Essentials scheme, how these frameworks help organizations guard against a wide range of cyber threats, and how to move closer to compliance.
Understanding CVSS and What’s New in Version 4.0
Version 4.0 of CVSS, published on November 1, 2023, introduces finer granularity into the system, enabling CVSS users to assess risk based on a wider set of factors – many of which are specific to the user environment.