“Best Defense” Blog
Reaching for the Pinnacle of Information Security Maturity
Not all security leaders are alike. Though this statement is obvious to most, many folks in this industry have a difficult time articulating exactly what [...]
Managing Third-Party IoT Cybersecurity Risks
Lessons-Learned from Shared Assessments/Ponemon Institute’s Survey Results. The Ponemon Institute recently published the results of its Third Annual Study on [...]
Is Your Business in Scope for the California Consumer Privacy Act?
Just as business leaders started acclimating to the data privacy requirements in the EU's General Data Protection Regulation (GDPR), along comes a new and equally [...]
Uncertainty of Privacy Shield
While many in the United States were recovering from summer vacations and fireworks displays, the European Parliament passed a non-binding resolution that could lead to [...]
Processes Are for Managers
A Holistic Approach to Information Security In my previous blog, “Controls are for Auditors” I wrote about how we as security leaders need to move [...]
GDPR Deadline Looming
Does the GDPR "due date" remind us of Y2K? What will really happen on May 25th? No one really knows for sure the answer to this [...]
Four Hats a Security Leader Must Wear
April 6th, 2018 Chad Boeckmann, Secure Digital Solutions A security program, as it evolves and matures, will typically experience four types of leader personalities. These [...]
The Great GDPR Compliance Panic of 2018
January 16th, 2018 Adam Stone, Principal Consultant Are you falling into the rut known as the great GDPR compliance panic of 2018? Stop worrying. Many [...]
Cyber Security Services Catalog Enables Strategy
Original: October 19th, 2016. Updated: December 11th, 2017. Mike Edlund, Solutions Manager. Creating a Security Services Catalog for a security [...]
Creating a Health and Fitness Plan for Cyber Security
October 18th, 2017 Ed Snodgrass, CISO, Secure Digital Solutions This article was originally posted on Forbes. Virtually everyone wants to be healthier. Good health [...]
Cybersecurity Maturity is Growing Up
Originally featured on CSO Online. Maturity is an interesting word. We’ve heard it throughout our lives and it’s had different meanings in different contexts. As [...]
Ransomware Makes News But Is Not New
This article was originally posted on CSO Online. August 11th, 2017 By Ed Snodgrass, CISO Chances are you’ve seen a [...]
How Will Information Security Support GDPR Compliance?
July 20th, 2017 Adam Stone, Principal and Chief Privacy Officer How Will Information Security Support GDPR Compliance? The effective date of the EU’s General Data [...]
Security Leader’s Primer to GDPR
Understanding GDPR: The Security Leader's (Really Concise) Primer July 11th, 2017 Adam Stone, Chief Privacy Officer and Principal As the effective date for the [...]
Trends in Data Breach
June 29, 2017 Ed Snodgrass, CISO, Secure Digital Solutions On Friday, June 23, Anthem Healthcare agreed to settle a series of lawsuits related to the [...]
Hiring a Security Rockstar
May 13th, 2017 Secure Digital Solutions CISO, Ed Snodgrass, recently had the privilege of writing for Forbes Technology Council. The title of the piece is "Looking [...]
Quest for Excellence in Cybersecurity Management
April 10th, 2017 Adam Stone, Principal, Secure Digital Solutions Baldrige's recently-published framework raises the bar for information security leaders by tying cybersecurity program management to [...]
Cyber Risk is a Key Focus for Corporate Boards
For organizations across industry sectors, digital commerce is the dominant vehicle to transact business and improve efficiency. Groundbreaking innovations in computing potential accelerate the speed of change [...]
Investors’ Top Five Cyber Security Questions
February 16th, 2017 In the wake of numerous high profile cyber attacks against global businesses, including Sony, Target, and eBay, investors and boards alike are [...]
Preparing for GDPR: Practical Guidance
Save the Date! Preparing for GDPR: Practical Guidance for Getting Started Webinar: February 28th, 2017 10:30-11:15 a.m. CST If your firm provides products or services [...]
Five Popular Initiatives of Cyber Security Leaders in 2017
With the new year approaching, now is a great time to celebrate the successes (and failures) of information security leaders and reflect on the challenges [...]
FFIEC Issues Updated Information Security Handbook
By Adam Stone, Principal Consultant September 9th, 2016 The Federal Financial Institution Examinations Council (FFIEC) today announced a revision to their venerable Information Security booklet. [...]
How Measuring Process Maturity Exceeds a Binary Compliance Approach
August 17th, 2016 By Corey Tower, CISM, PMP If you have ever been in charge of implementing an inaugural security program or have been asked [...]
2016 Security Advisor Alliance
Secure Digital Solutions is pleased to announce participation at the 2016 Security Advisor Alliance in Dallas, TX on September 21-22, 2016. SDS - 2016 [...]
Briefing on Cybersecurity Best Practices – July 20th, 2016
Client Briefing on Cybersecurity Best Practices - 7/20/2016 Wednesday, July 20, 2016 from 7:30 AM - 9:00 AM As you know, cybersecurity is an ongoing [...]
Steps to Take Following Approval of EU Privacy Shield
Adam Stone, Privacy Officer July 17th, 2016 After political wrangling and delays, the US Department of Commerce [...]
Breaking Down Barriers to Effective Information Security
June 9, 2016 By Mike Edlund, CISM A recent survey* was conducted by PricewaterhouseCoopers (PwC) and asked 9600 C-level leaders about obstacles to effective cybersecurity. [...]
How much information security is enough?
By Chad Boeckmann & Adam Stone May 16th, 2016 Let’s talk about benchmarking. It’s a question our team receives from clients both large and small. When [...]
Process Maturity Assessments for Information Security
Adam Stone, CISSP, CIPP, HCISPP, CHPS May 2, 2016 Over the past few weeks, SDS received lots of positive feedback from a recent post, Elevate [...]
Is Your Risk Leadership Asking the Right Questions?
By Christophe Veltsos, PhD April 25th, 2016 A recent report by Deloitte entitled 10 Questions You Should Be Asking to Embrace Risk and Lead Confidently [...]
Elevate Cybersecurity Communication to Improve Executive Understanding
By Adam Stone, Secure Digital Solutions April 11, 2016 A few weeks ago, my colleague, Tennelle Anderson, argued the need for a common language that [...]
Bringing Focus and Clarity to The Issue of Cyber Risks
By Christophe Veltsos, PhD April 5th, 2016 Board directors and top leadership are under pressure to get a handle on cybersecurity risks. While the “security [...]
Five Takeaways to save your Healthcare Organization $1.5M
By Chad Boeckmann, Secure Digital Solutions March 29th, 2016 The recent outcome at North Memorial Healthcare in Minneapolis, MN should be a stark reminder to [...]
Unifying the Message of Information Security
By Tennelle Anderson, CISSP, CISA, CPA, Secure Digital Solutions I started out my career as an auditor. Then I moved into compliance. Now I’m a [...]
Incident Response – Minimize Damage from Ransomware
By: Corey Tower, Information Security Consultant, CISM, CPPM Malware is like fashion – almost everything you are dealing with today or what seems popular was [...]
Ten Years of Information Security
This November marks ten years since Secure Digital Solutions (SDS) began as a company delivering thought leadership to clients in a way that accomplishes business [...]
Controls Are for Auditors
An Information Management Approach By: Chad Boeckmann, CISSP, CISA (CEO, Secure Digital Solutions) Consider this approach to information security: Controls are for auditors; processes are [...]
Playbook for the CISO
What the COBIT Maturity Model Provides By: Chris Cathers, Secure Digital Solutions In this new world of cyber threats, weekly data breach news and executive [...]
Seven Tips to Improve Security Audits
Achieving an Efficient, Measurable Process By Tennelle Anderson, CISSP, CISA, CPA (Principal Security Consultant, SDS) When I transitioned from “Internal Audit” to “Information Security” more [...]
Demonstrating Value: The ISO’s Dilemma
Security Takes People and Processes, as Much as Technology By Chris Cathers, Director of Business Development, SDS Value. This is the quintessential problem for information security [...]
Are You Speaking Risk?
Clearing Up Garbled InfoSecurity Communication By Corey Tower, GRC Consultant trustsds.com “There is a Threat that can Exploit our Vulnerability – we should address [...]
Engaging the Board on Security & Privacy
A Moment of Opportunity for Security and Privacy Leaders By Adam Stone, Privacy Practice Lead, SDS Following numerous major security breaches in the news in [...]
Privacy as Process Improvement
What, Why, and Who: The Essential Questions By Patrick Midden, CIPP, CHPC, J.D. Some companies see complying with privacy requirements as a roadblock; a hindrance; a [...]
Observing 2015 Data Privacy Day
Practical Steps to Protect Your Privacy By Adam Stone, SDS Privacy Practice Lead January 28th marks International Data Privacy Day! As such Secure Digital Solutions [...]
Cyber-Risk Handbook Issued for Boards
Breaches Are Enterprise-Wide Risk Issue By Chad Boeckmann, CEO, Secure Digital Solutions This summer (2014), the National Association for Corporate Directors (NACD) acknowledged something we [...]