Blog

What Is The MITRE ATT&CK Framework?

What Is MITRE ATT&CK®? MITRE ATT&CK is a documented collection of information about patterns of malicious behavior used by advanced persistent threat (APT) groups during real-world cyberattacks. ATT&CK, or Adversarial Tactics, Techniques, and Common Knowledge, describes the observed tactics (the technical objectives they’re trying to achieve), techniques (the ways they do it), and procedures

What Is ISO 27001? A Complete Guide

Introduction To ISO 27001: ISO released its family of standards in 2005 and has updated them regularly since then. ISO 27001 has seen the latest updates since 2013. ISO 27001 is owned by both the ISO and the International Electrotechnical Commission (IEC), which is a Swiss organization that focuses primarily on electronic systems. The ISO 27001

NIST Cybersecurity Framework Explained

What is the NIST Cybersecurity Framework? In a world where cyber threats are rapidly evolving and data volumes are increasing exponentially, many organizations struggle to ensure proper security. It is important to put in place a solid Cybersecurity Framework (CSF) to protect your company. NIST’s cybersecurity framework is an effective method for organizing and improving the

How to conduct effective Penetration Testing?

Learn the basics of penetration testing and how to successfully conduct a pen test in this article.

Why should your business hire a Managed Security Services Provider (MSSP)?

You need only glance at the headlines to see stories of hacking, malware, virus infections, security breaches and ransomware. If you read the stories behind the headlines, you will find businesses, large and small, seemingly helpless against ransomware and the associated downtime, loss of services and loss of revenue.


International Organization for Standardization 27001 (ISO 27001)

What is ISO 27001?  The ISO 27001 standard is designed to function as a framework for an organization’s information security management system (ISMS). This includes all policies and processes relevant to how data is controlled and used. ISO 27001 does not mandate specific tools, solutions, or methods, but instead functions as a compliance checklist.  Why


General Data Policy Regulation (GDPR)

What is GDPR? EU GDPR is the European standard that specifies the requirements for a General Data Policy Regulation (GDPR). GDPR compliance states that organizations must adopt appropriate policies, procedures and processes to protect the personal data they hold. The primary objective of the GDPR is to give citizens back control of their personal data. If


The California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA) will forever change the way companies in the U.S. and around the world manage their data. TrustNet provides the knowledge and resources to help your business comply with these regulations. Our expertise and experience with organizations of all sizes across the United States translates into a range of services


Sarbanes-Oxley (SOX) Compliance

Infosec Mates has developed a strong reputation as a source of expertise on both the financial and information technology aspects of SOX. We bring decades of compliance and audit experience to every assignment. We have a targeted approach in delivering best practices, managing risks, and ensuring the most efficient use of resources. We leave a


The Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules define requirements for the appropriate use and safeguarding of protected health information (PHI). These requirements along with the provisions of the HITECH Act create a significant challenge for organizations that manage or impact the security of medical records and other personal health information.
