News That Matters to You
This blog features the most up-to-date stories of interest to quality managers specializing in a variety of different areas including safety, environmental, IT, cannabis, and metrology. We also support the professional development needs of employees working in these areas, connecting readers with stories about training, job postings, and career development.
Categories
- Cybersecurity
- Cybersecurity-Artificial Intelligence
- Cybersecurity-Automation
- Cybersecurity-Career
- Cybersecurity-Certification Management
- Cybersecurity-Continuous Improvement
- Cybersecurity-Documentation
- Cybersecurity-ISO 27001
- Cybersecurity-Management
- Cybersecurity-Regulatory
- Cybersecurity-Risk Management
- Cybersecurity-Software
- Cybersecurity-Supplier Quality
- Cybersecurity-Sustainability
- General
- Manufacturing
- Quality-Artificial Intelligence
- Quality-Automation
- Quality-Career
- Quality-Continuous Improvement
- Quality-Cost of Quality
- Quality-Documentation
- Quality-ISO 9001
- Quality-LEAN-6 Sigma
- Quality-Product Safety
- Quality-Quality Management
- Quality-Regulatory
- Quality-Risk Management
- Quality-Root Cause
- Quality-Skills
- Quality-Software
- Quality-Supplier Quality
- Quality-Sustainability
- Safety-Product Safety Certification
- Safety-Risk Management
- Uncategorized
Vendor Risk Assessment: The Definitive Guide
Vendor risk assessments are critical for identifying and mitigating potential risks from third-party vendors, covering cybersecurity, data privacy, compliance, operational, financial, and reputational risks. Key steps in vendor risk assessment include assembling internal stakeholders, defining acceptable residual risk levels, building a standardized assessment process, sending risk questionnaires, and complementing assessments with continuous risk monitoring. Effective…
Continue Reading Vendor Risk Assessment: The Definitive Guide
How Do You Verify An Organization’s ISO Certificate?
ISO standards, created by the International Standards Organization, provide internationally recognized best practices for various industries, including information security. To ensure an ISO certificate’s validity, key data points such as the certificate number, standard being certified, scope, expiration date, accreditation body, and certification body must be verified. Non-accredited ISO certificates lack oversight and may not…
Continue Reading How Do You Verify An Organization’s ISO Certificate?
Measure Success: Key Cybersecurity Resilience Metrics
Key metrics for measuring cyber resilience include Mean Time to Detect (MTTD), Mean Time to Acknowledge (MTTA), Mean Time to Contain (MTTC), and Mean Time to Resolve (MTTR). Cyber resilience and cybersecurity are complementary strategies; cybersecurity focuses on defense, while cyber resilience emphasizes recovery and continuity. Metrics like security policy compliance rate, access management success,…
Continue Reading Measure Success: Key Cybersecurity Resilience Metrics
ISO 27001 vs. SOC 2: Differences and Similarities
ISO 27001 is globally recognized; SOC 2 is primarily demanded in North America. ISO 27001 requires the implementation of a comprehensive Information Security Management System (ISMS) with 93 controls, while SOC 2 assesses specific internal controls based on selected Trust Service Criteria. ISO 27001 certification involves a two-stage audit process. It is valid for three…
Continue Reading ISO 27001 vs. SOC 2: Differences and Similarities
The Guide to Integration Security for B2B SaaS
Integration security is essential for data integrity, availability, and confidentiality during data exchanges between interconnected systems. Common integration security threats include insecure APIs, misconfigurations, insufficient authentication and authorization, data leaks, and man-in-the-middle attacks. Best practices for integration security include following secure design principles, ensuring robust authentication and authorization, and adhering to regulatory compliance frameworks like…
Continue Reading The Guide to Integration Security for B2B SaaS
Center for Internet Security (CIS) Releases Critical Security Controls Navigator
The CIS Critical Security Controls (CIS Controls) provide a simplified and prioritized set of best practices to strengthen cybersecurity. Implementing CIS Controls helps organizations achieve essential cyber hygiene and comply with industry regulations. The CIS Controls are organized into specific actions called Safeguards and tiered Implementation Groups to prioritize cybersecurity efforts. The CIS Critical Security…
Continue Reading Center for Internet Security (CIS) Releases Critical Security Controls Navigator
Get our latest post in your inbox.
Join my newsletter to receive our latest long-form content right in your inbox. I also offer up discounts, coupons, and exclusive content to our subscribers. Join today!