According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information about customers—names, addresses and Social Security numbers.

Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report? Many organizations today are dealing with multiple needs or demands for various compliance assessments or certifications. These organizations might wonder, “How can my ISO 27001 certification fit the needs for a SOC 2 report?” and vice versa. Below we have outlined the similarities and differences between an ISO 27001 certification and a SOC 2 examination.

During SOC 1 Type 2 examinations, which analyze both the design and operating effectiveness of your controls, deviations from the stated control process must be disclosed within the service auditor’s testing results, often referred to as testing “exceptions” or “deviations” as they are exceptions from the stated control activity. The identification of at least one testing exception is a common occurrence, whether it is due to an outage, failure to document a manual process, or a simple oversight. There are a few questions, however, that you can ask both your auditors and yourselves to help manage the exceptions.

With growing scrutiny in healthcare and a record number of breaches increasing at an alarming rate, healthcare organizations are taking preventive measures in order to avoid breaches and possible fines. However, healthcare organizations are confused on what measures they need to take in order to protect healthcare information.

Surprisingly, business leaders—not IT departments—are the driving force behind six out of 10 migrations to the cloud. These leaders are often bothered by the nagging question, “Is the cloud secure?” This question is usually followed by a series of debates about just how secure the cloud is.

When you hear the word “whistleblower,” do you think business traitor or Good Samaritan? In most company cultures, it tends to be the former, which is unfortunate because more often than not, exposing a security issue is a matter of ethics, not malice for employees. However, because malicious intent has occurred before, the negative connotation lives.

Chief Information Security Officers (CISOs) aren't what they used to be. According to the Identity Theft Resource Center, data breaches exposed over 169,068,506 confidential records in 2015. Before cybersecurity became top talk within the IT world, CISOs were responsible, in general terms, for security. Today, they play a much more integral role in the enterprise.

Co-Authored with Kurt Long from Fairwarning and originally published on informationsecuritybuzz.com Today’s modern CRM systems are vital to your business’ success. CRM data now holds every aspect of your business’ proprietary information from corporate intelligence to sales data; as well as your customers’, from buying patterns to PII. A data breach to your CRM could be devastating to your organization resulting in lawsuits or irreparable harm to your brand’s reputation and customer trust. With so much at stake, here is what you need to know to protect your CRM.