Do You Understand Your Vendors' SOC 2 Reports?

In this post, we will emphasize the importance of requesting assurances such as HITRUST, SOC 2/Type 2, ISO 27001, and FedRAMP from vendors with high inherent risks, and we will specifically explore how to interpret the key points from a SOC 2 report. Read More

The Unintended Risks of Third-Party Cybersecurity Questionnaires 

CISOs are aware of the need to address TPRM, yet they often struggle with the scale and complexity of the task. As good security leaders tend to do, they take action. However, they usually take action with great uncertainty about the most effective approach for truly solving the TPRM problem. Read More