The Crucial Role of Data Center Resiliency in Business Security

For many organizations, data center operations are handled by the facilities team or a third-party vendor. Although these functions aren’t part of the everyday responsibilities of the IT or Security departments, they are crucial to systems availability and to the ongoing operations of the business. Having a full understanding of the capacity and capabilities of…

The post The Crucial Role of Data Center Resiliency in Business Security appeared first on TrustedSec.


Maturity, Effectiveness, and Risk – Security Program Building and Business Resilience

One of the most common questions asked by business leadership is also one of the most challenging to answer: “How secure are we?” Now, some of you reading this may already be cringing or yelling at your screen that this question on its own shouldn’t have a simple answer with little actionable value. However, when…

The post Maturity, Effectiveness, and Risk – Security Program Building and Business Resilience appeared first on TrustedSec.


Yes, It’s Time for a Security Gap Assessment

For many organizations, rapidly implementing work-from-home initiatives over the past year due to the COVID-19 pandemic required quickly rolling out new processes and deploying new technologies without adequate time for attention to Information Security standards. Perhaps your company recently acquired a new line of business, and you want to make sure the integration won’t adversely…

The post Yes, It’s Time for a Security Gap Assessment appeared first on TrustedSec.


How I Retained My QSA Certification

In 2019, the Payment Card Industry (PCI) Security Standards Council (SSC) modified the Qualification Requirements for Qualified Security Assessor (QSA) employees. Prior to the modification, the requirements stipulated that QSA employees must hold either an Information Security certification or an audit certification, but now QSA employees must have a minimum of two (2) industry certifications:…

The post How I Retained My QSA Certification appeared first on TrustedSec.


One Size Doesn’t Fit All: Penetration Testing Maturity

As the security industry continues to progress, companies are focusing on their own security programs, trying to figure out what works and what doesn’t. One of the areas of focus that goes back to the early days of the security industry is penetration testing. Penetration testing has always been a validation method to identify exposures and…

The post One Size Doesn’t Fit All: Penetration Testing Maturity appeared first on TrustedSec.


Vendor Enablement: Rethinking Third-Party Risk

Third-party risk management is an essential element of information security. It is common to see news about a large company being breached, and after learning more, you find out the breach was the result of a vendor. When you depend on another organization for a critical business process and allow them access to your network,…

The post Vendor Enablement: Rethinking Third-Party Risk appeared first on TrustedSec.


Securing a Remote Workforce: Top Five Things to Focus on For Everyone

Deploying a remote workforce is uncharted territory for some organizations, while others have been perfecting the model for years. Most security programs have different ways to handle their workforce. For on-premise users, security has traditionally used more of a castle mentality, where you attempt to prevent outsiders from penetrating the network perimeter (similar to a castle…

The post Securing a Remote Workforce: Top Five Things to Focus on For Everyone appeared first on TrustedSec.


The Three Step Security Strategy

Why Does Strategy Matter? The term ‘security strategy’ can be ambiguous and often means different things to different people. Because of this, many organizations do not have a formalized security strategy and those that do may not have an effective one. This is understandable. Managing the day-to-day issues associated with a security program (alerts, audits,…

The post The Three Step Security Strategy appeared first on TrustedSec.
