What Is MITRE ATT&CK®? The MITRE ATT&CK is a documented collection of information about patterns of malicious behavior used by advanced persistent threat (APT) groups during real-world cyberattacks. ATT&CK, or Adversarial Tactics, Techniques, and Common Knowledge, describes the observed tactics (the technical objectives they’re trying to achieve), techniques (the ways they do it), and procedures
Read More
Introduction To ISO 27001 ISO released its family of standards in 2005 and has updated them regularly since then. The ISO 27001 has seen the latest updates since 2013. ISO 27001 is owned by both the ISO and the International Electrotechnical Commission (IEC), which is a Swiss organization that focuses primarily on electronic systems. The ISO 27001
Read More
What is the NIST Cybersecurity Framework? In a world where cyber threats are rapidly evolving and data volumes are increasing exponentially, many organizations struggle to ensure proper security. It is important to put in place a solid Cybersecurity Framework (CSF) to protect your company. NIST’s cybersecurity framework is an effective method for organizing and improving the
Read More
Learn the basics of Penetration Testing and how to successfully conduct Pen test in this article.
Read More
You only merely need to glance at the headlines to hear about many stories of hacking, malware, virus infections, security breaches and ransomware. If you read the stories behind the headlines, you will hear the stories of businesses, large and small, seemingly helpless against ransomware and associated downtime, loss of services and loss of revenue.
Read MoreWhat is ISO 27001? The ISO 27001 standard is designed to function as a framework for an organization’s information security management system (ISMS). This includes all policies and processes relevant to how data is controlled and used. ISO 27001 does not mandate specific tools, solutions, or methods, but instead functions as a compliance checklist. Why
Read MoreWhat is GDPR EU GDPR is the European standard that specifies the requirements for a General Data Policy Regulation (GDPR). GDPR compliance states that organizations must adopt appropriate policies, procedures and processes to protect the personal data they hold. The primary objective of the GDPR is to give citizens back control of their personal data. If
Read MoreThe California Consumer Privacy Act (CCPA) will forever change the way companies in the U.S. and around the world manage their data. TrustNet provides the knowledge and resources to help your business comply with these regulations. Our expertise and experience with organizations of all sizes across the United States translates into a range of services
Read MoreInfosec Mates has developed a strong reputation as a source of expertise on both the financial and information technology aspects of SOX. We bring decades of compliance and audit experience to every assignment. We have a targeted approach in delivering best practices, managing risks, and ensuring the most efficient use of resources. We leave a
Read MoreThe Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules define requirements for the appropriate use and safeguarding of protected health information (PHI). These requirements along with the provisions of the HITECH Act create a significant challenge for organizations that manage or impact the security of medical records and other personal health information.
Read More