Blog

Principle of Least Privilege – The BASICS – A Security Principle To Live By?

by Sabine Zimmer | Oct 1, 2020 | Data & Cybersecurity, Data Protection, Information Security, Third Party Risk Management

Shared Assessments’ Insurance Vertical Strategy Group came together for its quarterly meeting last week. Conversation was engaging and covered the widening scope of assessments, the multitude of third party types and the need for re-risking vendors in light of...

Information Security Needs a New Narrative

by Tom Garrubba | May 6, 2020 | Data & Cybersecurity, Information Security

Many companies have a fundamental information security problem, according to the co-authors of the A Leader’s Guide to Cybersecurity (Harvard Business Review Press, 2019). Those organizations pay too much attention to network and system vulnerabilities and too little...

2020 Information Security and Data Privacy Perspectives: 5 Not-So-Pretty Predictions

by Eric Krell | Jan 27, 2020 | Data & Cybersecurity, Information Security, Privacy

When we asked Santa Fe Group Vice President and CISO Tom Garrubba to gaze into his crystal ball last month, he identified several events related to Third Party Risk Management that he thinks may materialize this year, including: Privacy breaches (those caused...

Holistic Information Security – People, Process and Technology

by yadzinski | Aug 6, 2014 | Data Breach, Information Security, PHI

The attention to People and Process is lagging far behind In reviewing the recent plethora of data breach stories, I am beginning to see a pattern here. While many companies answer to breaches with more and more technology, it appears that they are ignoring...

The NSA, Snowden and Third-Party Risk: Preliminary Lessons Learned

by | Aug 5, 2013 | Information Security, Outsourcing, Third Party Risk, Vendor Security

Remember this: Edward Snowden Worked for a Third-Party Vendor. While it remains uncertain what exactly Mr. Snowden shared with other nations, we do know this: he wasn’t authorized to disclose classified information. Some may believe he is a hero, others believe he is...

Information Security in the Financial Industry. More Regulation or Better Regulation

by | Jul 29, 2013 | Information Security, Regulations

Santa Fe Group Consultant and Shared Assessments Program Director, Brad Keller, was recently interviewed by John DiMaria, Product Marketing Manager, BSI Management Systems. Brad, along with members from BITS and the Financial Services Roundtable, share their...

This site uses cookies

Please note that on our website we use cookies necessary for the functioning of our website, cookies that optimize the performance. To learn more about our cookies, how we use them and their benefits, please read our Cookie Policy and Privacy Policy.

Blog

Principle of Least Privilege – The BASICS – A Security Principle To Live By?

Information Security Needs a New Narrative

2020 Information Security and Data Privacy Perspectives: 5 Not-So-Pretty Predictions

Holistic Information Security – People, Process and Technology

The NSA, Snowden and Third-Party Risk: Preliminary Lessons Learned

Information Security in the Financial Industry. More Regulation or Better Regulation

Sign up for our Newsletter

Sub Topics

This site uses cookies

Blog

Principle of Least Privilege – The BASICS – A Security Principle To Live By?

Information Security Needs a New Narrative

2020 Information Security and Data Privacy Perspectives: 5 Not-So-Pretty Predictions

Holistic Information Security – People, Process and Technology

The NSA, Snowden and Third-Party Risk: Preliminary Lessons Learned

Information Security in the Financial Industry. More Regulation or Better Regulation

Sign up for our Newsletter

Sub Topics

Terms of Use

This site uses cookies