Points that will be covered during this episode, and then discussed further in subsequent episodes, include: A well-designed system requires that you identify potential sources of a security breach, mitigate them and provide a strong ongoing defense system for your information. An attack will happen – it’s not a case of ‘if’, it’s a matter of ‘when’. It’s virtually impossible to … [Read more...] about How to Use ISO 27001 to Manage Cyber Attacks
Security Assessment for an IoT-Based System
This article from QASource highlights the critical importance of security in the rapidly growing Internet of Things (IoT) market. With projections indicating significant growth in the IoT sector, the need for comprehensive security measures to protect data and services managed by IoT devices has become paramount. The article emphasizes the complexities of IoT architectures, … [Read more...] about Security Assessment for an IoT-Based System
Demystifying ISO 27701: A Comprehensive Guide for Data Privacy Management
This article sheds light on the significance of ISO 27701 in data privacy management. ISO 27701, in particular, extends the principles of ISO 27001, which concentrates on information security, to include data privacy aspects. This standard is designed to help organizations manage and protect personally identifiable information (PII) effectively, ensuring compliance with privacy … [Read more...] about Demystifying ISO 27701: A Comprehensive Guide for Data Privacy Management
Mastering NIST Penetration Testing: Your Essential Guide to Robust Cybersecurity
This article emphasizes the importance of penetration testing in strengthening an organization's cybersecurity defenses. It outlines the National Institute of Standards and Technology (NIST) Penetration Testing Framework, which provides a structured approach to security assessments, helping organizations protect against potential threats. The framework comprises four key … [Read more...] about Mastering NIST Penetration Testing: Your Essential Guide to Robust Cybersecurity
Improving Enterprise Patching for General IT Systems
This NIST publication addresses the critical challenge of patch management in cybersecurity. Authored by experts from the National Cybersecurity Center of Excellence (NCCoE) at NIST and collaborators from various organizations, including Microsoft and The MITRE Corporation, the publication provides practical guidance for enhancing patching practices within IT systems. The … [Read more...] about Improving Enterprise Patching for General IT Systems
Getting Started With Passkeys, One Service at a Time
This article by Robert Lemos discusses the growing momentum of passkeys, a technology designed to replace traditional passwords for logging into websites and cloud services. Major technology companies like Apple, Google, Microsoft, and third-party password providers such as 1Password and Bitwarden have embraced passkeys. This widespread adoption is in response to the … [Read more...] about Getting Started With Passkeys, One Service at a Time
IBM’s Cost of a Data Breach Report 2023 finds the average cost of a data breach at $4.45 million
IBM Security's 2023 Cost of a Data Breach Report provides critical insights for IT, risk management, and security leaders. The report analyzed data from 553 organizations across 16 countries and regions and 17 industries that experienced data breaches between March 2022 and March 2023. This year's report introduces new areas of exploration, including how breaches are … [Read more...] about IBM’s Cost of a Data Breach Report 2023 finds the average cost of a data breach at $4.45 million
What Security Breach Notification Laws Exist for Every U.S. State
In the United States, the safeguarding of personal information is governed by a complex array of federal laws and state legislation tailored to specific industries, each with its scope and jurisdiction. This diversity presents a significant challenge to organizations operating nationwide regarding compliance. Every state, including the District of Columbia, Guam, Puerto Rico, … [Read more...] about What Security Breach Notification Laws Exist for Every U.S. State
“Lions and tigers and bears, oh my!” Global legal risks in cybersecurity investigations
This article by Brian Hengesbaugh delves into the complex global legal challenges companies face during cybersecurity investigations, particularly in the context of global ransomware and cyberattacks. Drawing an analogy to the fears expressed in "The Wizard of Oz," the article underscores how companies grapple with varied and sometimes conflicting legal obligations across … [Read more...] about “Lions and tigers and bears, oh my!” Global legal risks in cybersecurity investigations
The salary of a Chief Security Officer
The 22nd annual Security and Compliance Compensation report, produced by The Foushée Group, provides a comprehensive analysis of the salaries and compensation trends in the security and compliance sector. This survey, conducted annually for the last 22 years, aims to offer accurate and timely compensation information for 78 security and compliance positions. The survey targets … [Read more...] about The salary of a Chief Security Officer
IANS’ 2023 Security Budget Benchmark Summary Report finds cybersecurity budgets have continued to grow
The 2023 Security Budget Benchmark Summary Report, created by IANS and Artico Search, presents an analysis of cybersecurity budget trends and the factors influencing these trends. Despite the economic challenges of 2023, such as inflation and global instability, cybersecurity budgets have continued to grow, although at a slower pace than in previous years. In 2023, cybersecurity … [Read more...] about IANS’ 2023 Security Budget Benchmark Summary Report finds cybersecurity budgets have continued to grow
How Technology and Data Analytics are Revolutionizing Auditing
This article by Genevieve Diesing is the second of a 2-part article on auditing and highlights the transformative impact of technology and data analytics on auditing. Traditional auditing methods are replaced by more efficient techniques facilitated by data analytics and advanced information technology. This shift has made many conventional auditing practices obsolete, allowing … [Read more...] about How Technology and Data Analytics are Revolutionizing Auditing
Auditing 101: Understanding Audits and Tips to Prepare
This article by Genevieve Diesing is the first of a 2-part article on the crucial role of auditing in a quality management system (QMS). Auditing validates that a company's activities align with its declared commitment to quality, as outlined in its QMS, and drives continuous improvement. An audit acts as a health check for business processes, assessing their alignment with the … [Read more...] about Auditing 101: Understanding Audits and Tips to Prepare
What should be changed in the next edition of ISO 9001?
This forum discussion centered around the revision of ISO 9001, following the SC2 plenary meeting in October 2023 and the first meeting of Work Group 29 in December 2023. The forum participants reflect a mix of anticipation and skepticism about the upcoming changes to ISO 9001 and raise questions about the future direction of quality management standards. The design … [Read more...] about What should be changed in the next edition of ISO 9001?
Elevate Your Audits: Upgrade Your Conventional Audit Program With A Risk-Based Approach
This "Quality Progress" journal article by Lance B. Coleman Sr. emphasizes integrating risk management into auditing processes. The author argues for a shift from traditional auditing to a risk-based approach, highlighting that this method not only enhances the performance of the audit program but also contributes significantly to the organization. Key to this approach is … [Read more...] about Elevate Your Audits: Upgrade Your Conventional Audit Program With A Risk-Based Approach
Bridging the Quality Management Digital Divide
Assurx, a quality compliance company, released a whitepaper, "Bridging the Quality Management Digital Divide", which emphasizes the urgent need for manufacturers to adopt an Enterprise Quality Management System (EQMS) to remain competitive and efficient in the complex and challenging environment of 2024 and beyond. The paper discusses the various market challenges manufacturers … [Read more...] about Bridging the Quality Management Digital Divide
5 Key Components of Quality Control Measures
This article from FATFINGER provides a detailed overview of the five critical components of quality control measures in manufacturing. These measures ensure that products meet or exceed the highest standards. The first component, Product Design Analysis, emphasizes collaboration between design and production teams and the integration of Design for Manufacturability (DFM) … [Read more...] about 5 Key Components of Quality Control Measures
Product Quality Strategies: 13 You Need To Use
Adrian Leighton outlines 13 essential product quality strategies for achieving consistent product quality. These strategies are categorized into pre-production and post-production stages, providing a comprehensive approach to quality assurance. In the pre-production phase, Leighton emphasizes the importance of due diligence in supplier selection, defining clear quality … [Read more...] about Product Quality Strategies: 13 You Need To Use
What’s Your Process Language?
In this article, Thomas Kohlenbach emphasizes the importance of clear communication and understanding in process management, drawing from his experience in process excellence. He begins with an anecdote from a client visit in Bangkok, where he spoke in German to a team of Thai executives, highlighting the significance of using a common language for effective communication. This … [Read more...] about What’s Your Process Language?
Book Review: “Improve LESS” by Chad Bareither
"Improve LESS: The Focus and Align Framework for Sustainable Continuous Improvement" by Chad Bareither presents a novel approach to continuous improvement, advocating for focused change and aligned efforts rather than overhauling everything at once. Drawing from Bareither’s extensive experience in Lean, Six Sigma, and Industrial Engineering, the book introduces the Focus and … [Read more...] about Book Review: “Improve LESS” by Chad Bareither