Welcome to the Virtual CISO where we explain different compliance framework to enable your business processes.

On today's episode we talked about the Cybersecurity Maturity Model Certification (CMMC) Version 2.0. The Department of Defense (DoD) launched CMMC 2.0, a comprehensive framework to protect the defense industrial base from increasingly frequent and complex cyberattacks and to safeguard sensitive national security information.

Thank you for listening.

Welcome to the Virtual CISO where we explain different compliance framework to enable your business processes.

On today's episode the California Privacy Right Act (CPRA) which amends the CCPA and includes additional privacy protections for consumers. It significantly expands the CCPA, and it is sometimes referred to as “CCPA 2.0.”

Thank you for listening.

Welcome to the Virtual CISO where we explain different compliance framework to enable your business processes. 

On today's episode, we talked about the California Consumer Privacy Act which is a state law intended to enhance privacy rights and consumer protection for residents of California, United States.

Thank you for listening. 

Welcome to the Virtual CISO where we explain different compliance framework to enable your business processes.

On today's episode, we talked about HIPAA (Health Insurance Portability and Accountability Act) which is a United States legislation that provides data privacy  and security provisions for safeguarding Protected Health Information (PHI).

HIPAA compliance is regulated by the Department of Health and Human Services (HHS) and enforced by the Office for Civil Rights (OCR).

Thank you for listening.

The ISO 27701 standard is a Privacy Information Management System (PIMS) standard that lays out a detailed set of operational checklists that can be adapted to a variety of privacy regulations, including GDPR. ISO 27701 helps your organisation demonstrate to consumers, external organisations and internal stakeholders that mechanisms are in place to keep data safe and to comply with privacy laws and regulations.

ISO 27701 is a framework for data privacy that builds on ISO 27001 which guides an organisations with the implementation of policies and procedures that should be in place to comply with data protection/privacy regulations while maintaining an effective privacy and information security system and ultimately reducing privacy risks.

Welcome to the Virtual CISO where we explain different compliance framework to enable your business processes.

ISO 27001  “ISO/IEC 27001 sets out the specification for Information Security Management Systems (ISMS). ISO 27001’s best-practice approach helps organisations manage their information security by addressing people, processes, and technology. 

It is published by the International Organization for Standardization (ISO), in partnership with the International Electrotechnical Commission (IEC). Both are leading international organizations that develop international standards.

Thank you for listening.

The Center for Internet Security (CIS) officially launched version 8 of the CIS Controls In May 2021. This release represents a comprehensive revision of the CIS Controls (v7) and contains updated and simplified guidelines to help defend organisation's security posture.

The CIS controls are a great way to adopt the industry best practices for data security and a great way to begin to prepare for other compliance efforts that may be in the pipeline for your organisation. 

The new CIS 18 controls are:-

Most startups find SOC 2 requirements daunting. Our aim on this podcast is to provide guidance on helping your company simplify your SOC 2 compliance journey and confidently market your product to your target market #SOCIT2ME.