Throughout 2023, many organizations have grappled with the dynamic landscape of new regulations, ever-evolving requirements, and increased IT security threats. At CampusGuard, we have prioritized keeping our customers and others well-informed about IT security and compliance mandates, deadlines, and any associated modifications through our blog.
Here are our top 10 most-read blogs in 2023:
- PCI DSS v4.0: Targeted Risk Analysis Explained
Discover how PCI DSS v4.0 has significantly changed the approach organizations must take towards risk assessment. Learn the nine requirements that include the completion of targeted risk analyses.
- 6 Reasons to Incorporate Security Awareness Training in Your Organization
As the threat of data breaches continues to escalate, providing your employees with the knowledge they need to implement information security best practices becomes increasingly critical. Learn six important incentives for making security awareness training a priority in your organization.
- GLBA Safeguards Rule: Penetration Testing Requirements
The revised Safeguards Rule specifically states that the testing process must either deploy continuous monitoring of the implemented safeguards or include annual penetration testing and bi-annual vulnerability scanning.
- 8 Reasons to Schedule a Tabletop Exercise
Performing a tabletop exercise is an important step in testing your current incident response plan and identifying additional mitigation and preparedness needs before a cyberattack occurs. Read eight reasons why organizations should be incorporating regular tabletop exercises into their information security strategies.
- GLBA Written Reports: Keeping the Board of Directors in the Loop
As a part of the GLBA “Final Rule,” the FTC requires an organization to appoint a Qualified Individual to report on an organization’s information security program and compliance status to a board of directors or similar governing body.
- PCI DSS v4.0: Don’t Wait to Talk to Your Leadership Team about New Requirements for Third-Party Relationships
In this article, we provide you with the steps to officially inform and prepare senior leadership and your procurement/legal teams for possible challenges that may arise regarding third-party vendors with the upcoming migration date for PCI DSS v4.0.
- PCI DSS v4.0: An Open Letter to PCI Third-Party Service Providers
As your organization finalizes migration plans for moving to PCI DSS v4.0, vendor oversight should be a top priority. Use our templated letter to communicate with your vendor list now to ensure they are on track to meet new PCI DSS v4.0 requirements.
- Third-Party Vendor Breaches — Is Your Organization Prepared to Respond?
Outsourcing to a third-party vendor can shift many of the required security and compliance controls away from your organization, but you will still own the overall compliance responsibility, and a third-party breach can still have a significant impact on your organization’s customers, name, and reputation.
- GLBA Safeguards Rule: Audit Compliance Objectives
Learn more about CampusGuard’s initial review of the 2023 Audit Guide and implications related to the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule.
- Top 8 Actions to Incorporate in Your 2023 IT Security and Compliance Programs
Check our list of eight actionable measures to integrate into your IT security and compliance programs to defend your organization from a cyberattack.
We hope you find our content valuable and actionable, and we appreciate you engaging with it. Visit our Insights page for more blog articles and other content, including case studies, infographics, threat briefings, webinars, and more.