JustProtect Blog

3 ways to simplify cybersecurity and risk management without the anxiety

Jul 21, 2021 5:00:00 PM / by Haley Keitel posted in compliance, cybersecurity, 3rd party, Risk Assessor, Security, privacy

Here are three quick ways to simplify your risk management processes without increasing your anxiety or your costs.

Read More

First American Financial Corporation Enforcement

Jun 30, 2021 3:19:25 PM / by Haley Keitel posted in compliance, cybersecurity, Policy, Security

First American Financial Corporation (FAFC) is facing the first-ever penalty from the SEC in the form of a cease-and-desist order and civil fines, as a result of their lack of disclosure controls and systems surrounding their cybersecurity risk management. 

Read More

Old vs. New Thinking in 3rd Party Assessments

Apr 27, 2021 9:00:00 AM / by Jamie Aquila posted in compliance, cybersecurity, assessments, 3rd party, grc

Let’s Reassess How You Think About 3rd Party Assessments!
Caveat: We can’t possibly provide a complete 3rd Party consulting framework in a short blog. This post is to provide you with a new framework for 3rd Party risk and new thinking in assessments.

First, let’s clearly define what a 3rd Party is. We believe they encompass all of the following: suppliers, 3rd Party agents, contractors, distribution centers, call centers, contract manufacturers or assemblers, outsourcing firms, service providers (SaaS, Cloud, and a thousand more).

Read More

Navigating the Manual Maze and Legacy GRC Systems

Apr 21, 2021 9:00:00 AM / by Haley Keitel posted in compliance, assessments, 3rd party, vendor, grc

Last week, we discussed the two strategy pitfalls companies face when they realize that they have regulations, laws, and certifications they need to be in compliance with. This post dives deeper into what companies experience when they go down this path.

Read More

Avoiding the Risk Assessment Trap

Apr 13, 2021 10:00:00 AM / by Joel Davis posted in compliance, assessments, 3rd party

 

Many companies start assessing innocently enough in order to respond to government and/or industry regulations, laws, and certifications with all the right intentions. They want to be in compliance, protect their business, and hopefully use these as differentiators in the market.

Read More

Special Announcement! Upcoming Blog Series-All About Assessments

Jul 13, 2020 10:58:48 AM / by Jeffery Ratliff posted in CEO, compliance, cybersecurity, assessments, 3rd party

            Regulatory compliance can be a daunting task for small companies for a variety of reasons. For some, it could be that they do not have the necessary staff to commit to such a project. For others, it may be the lack of capital to pay an expensive consultant to do it for them. Another issue that plagues small companies is the lack of knowledge required to navigate the treacherous waters of regulatory compliance. While JustProtect may not be able to provide your company with more employees or extra money, something we can give you is knowledge. And Knowledge is Power.

Read More

Startup CEOs considerations in the post COVID world.

Jul 7, 2020 12:19:37 PM / by Vikas Bhatia posted in CEO, compliance, Strategy, assessments, working remotely, Raising money

 

Read More

Selling to Defense Organizations? Get introduced to DFARS

Jan 17, 2020 3:58:44 PM / by Vikas Bhatia posted in compliance, assessments, dfars, 800-171

Throughout its history, the Department of Defense (DOD) has relied on contractors, these are individuals or non-federal companies that supply services, supplies, or construction.  Almost all of these relationships involve the sharing of sensitive information which could present some sort of risk.

Read More

How do I start a vendor management program?

Jan 6, 2020 11:38:06 AM / by Vikas Bhatia posted in compliance, assessments, 3rd party

You've probably heard how important vendor management is to the success of your information security program. But it's important that you learn how to start a vendor management program and perform assessments for it so that each assessment supports your business.

Read More

The Equifax Enforcement - Simplified....

Jul 23, 2019 2:07:13 PM / by Jeffery Ratliff posted in compliance, cybersecurity

On July 22, 2019, Equifax agreed to pay around $700 million to settle with the Federal Trade Commission (FTC) and New York State Department of financial services (DFS) for the 2017 data breach that jeopardized sensitive information from nearly 150 million Americans. This will be the largest settlement ever paid for a data breach, almost twice the cost of the Target Breach in 2013.

Read More

Comments