As the need for SOC 2 examinations continues to grow domestically as well as internationally, many organizations now either find themselves taking on more and more assessments or trying to appease a client base that requires a SOC 2 examination when the typical product or platform approach may not apply. When these situations crop up, we are seeing more adoption of what’s known as an enterprise services SOC 2 examination.

As of June 11th, PCI DSS v4.0.1 was officially released. This update comes with several clarifications and adjustments to the previous version, ensuring more precise guidelines and addressing various implementation issues.

Given the international reputation of ISO standards, ISO 14001 certification represents a great option for organizations seeking to prove their commitment to sustainability. To achieve certification of your environmental management system (EMS), however, you must meet the framework’s holistic requirements regarding environmental issues.

While the rapid pace at which artificial intelligence (AI) technology has been both developing and impacting several areas of our daily lives continues, so do the concerns about the tech’s safety, privacy, and bias. As there’s no stopping the ongoing integration of AI, organizations are now wondering what they can do to ease those concerns, and the answer is simple—start with protecting your data.

Back in 2018, the French government introduced—by way of its Public Health Code (Article L.1111-8)— HDS certification, mandating that all entities hosting personal health data must successfully achieve certification. Now, in 2024, they’ve published a new HDS framework with changes, expositions, and removals of language that organizations affected will need to know in order to comply.

Now that the deadline for the CISA Secure Software Development form is quickly approaching, organizations are working to ensure they get their attestation in order—that includes FedRAMP Cloud Service Providers (CSPs).

Perhaps believing they’re simply too small for the government to consider, some smaller healthcare providers will choose to either fly under the radar or hope that regulators of the Health Insurance Portability and Accountability Act (HIPAA) won’t notice their lack of correct processes and controls. However, this likely won’t work—in fact, over 55% of HIPAA fines in 2022 were levied against small practices.

If you’re a newly hired CISO or Director for an organization that’s required to achieve and maintain PCI DSS, you may be wondering how and where you can get started so that you’re ready when it comes time for the assessment to begin.