An Information Security Management System (ISMS) is simply a framework for information security practices within your organization. You may immediately jump to think about a full set of policies and procedures, several stacks of network appliances, certifications, and an endless number of hoops to jump through.
The good news is that you don’t have to start there, the most important step is not the first step or the last step. It’s the next step. You can simply begin using risk-based strategies to build your ISMS one layer at a time.
First American Financial Corporation (FAFC) is facing the first-ever penalty from the SEC in the form of a cease-and-desist order and civil fines, as a result of their lack of disclosure controls and systems surrounding their cybersecurity risk management.
Ransomware is not isolated to tech companies, which is clearer than ever given the attacks this year. In a recent interview with Now This, our CEO Vikas Bhatia, discussed the fundamentals of these attacks and how companies across industries can better prepare by utilizing a third-party risk management plan.
We’re excited to announce the Standardized Information Gathering (SIG) questionnaire license offering in conjunction with the JustProtect platform.
If you are new to JustProtect, welcome! We are a regulation and content-agnostic cloud-based platform that centralizes, automates, and simplifies the assessment process for companies with or without a GRC. Whether it’s third-party risk, procurement, internal audits, or compliance readiness, we can reduce time and the human cost of your assessment process.
JustProtect wants to welcome Doug Stasko to the team as the new Vice President of Global Sales! We picked Doug’s brain on why he chose JustProtect as he brings a wealth of knowledge for moving JustProtect to the next level.
Now that we have identified the issues to watch out for, we can share what you can do to triage risks and develop your 3rd Party GRC Solution.
Let’s Reassess How You Think About 3rd Party Assessments!
Caveat: We can’t possibly provide a complete 3rd Party consulting framework in a short blog. This post is to provide you with a new framework for 3rd Party risk and new thinking in assessments.
First, let’s clearly define what a 3rd Party is. We believe they encompass all of the following: suppliers, 3rd Party agents, contractors, distribution centers, call centers, contract manufacturers or assemblers, outsourcing firms, service providers (SaaS, Cloud, and a thousand more).
Last week, we discussed the two strategy pitfalls companies face when they realize that they have regulations, laws, and certifications they need to be in compliance with. This post dives deeper into what companies experience when they go down this path.
We are celebrating, Application Security and Compliance Analyst, Bryan Urias' one year anniversary with JustProtect!
Who is the real you?
What may seem like a serendipitous entry into cyber security and risk assessment is the reality for Bryan Urias and his journey with JustProtect. Bryan connected with Embarc Collective, who acted as a pipeline for local businesses and his university, Florida Poly. That’s how he met Vikas Bhatia, JustProtect’s Founder and CEO, one year ago.