“Best Defense” Blog

  • Reaching for the Pinnacle of Information Security Maturity

    Not all security leaders are alike. Though this statement is obvious to most, many folks in this industry have a difficult time articulating exactly what [...]

  • Managing Third-Party IoT Cybersecurity Risks

    Managing Third-Party IoT Cybersecurity Risks Lessons-Learned from Shared Assessments/Ponemon Institute’s Survey Results The Ponemon Institute recently published the results of its Third Annual Study on [...]

  • Is Your Business in Scope for the California Consumer Privacy Act?

    Just as business leaders started acclimating to the data privacy requirements in the EU's General Data Protection Regulation (GDPR), along comes a new and equally [...]

  • Uncertainty of Privacy Shield

    While many in the United States were recovering from summer vacations and fireworks displays, the European Parliament passed a non-binding resolution that could lead to [...]

  • Processes Are for Managers

    A Holistic Approach to Information Security In my previous blog, “Controls are for Auditors” I wrote about how we as security leaders need to move [...]

  • GDPR Deadline Looming

    Does the GDPR "due date" remind us of Y2K? What will really happen on May 25th? No one really knows for sure the answer to this [...]

  • Four Hats a Security Leader Must Wear

    April 6th, 2018 Chad Boeckmann, Secure Digital Solutions A security program, as it evolves and matures, will typically experience four types of leader personalities. These [...]

  • The Great GDPR Compliance Panic of 2018

    January 16th, 2018 Adam Stone, Principal Consultant Are you falling into the rut known as the great GDPR compliance panic of 2018? Stop worrying. Many [...]

  • Cyber Security Services Catalog Enables Strategy

    Original: October 19th, 2016 Updated: December 11th, 2017 Mike Edlund, Solutions Manager Cyber Security Service Catalog Enables Strategy Creating a Security Services Catalog for a security [...]

  • Creating a Health and Fitness Plan for Cyber Security

    October 18th, 2017 Ed Snodgrass, CISO, Secure Digital Solutions This article was originally posted on Forbes. Virtually everyone wants to be healthier. Good health [...]

  • Cybersecurity Maturity is Growing Up

    originally featured on CSO Online Maturity is an interesting word. We’ve heard it throughout our lives and it’s had different meanings in different contexts. As [...]

  • Ransomware Makes News But Is Not New

    This article was originally posted on CSO Online August 11th, 2017 By Ed Snodgrass, CISO Photo Credit: Michael Kan Chances are you’ve seen a [...]

  • How Will Information Security Support GDPR Compliance?

    July 20th, 2017 Adam Stone, Principal and Chief Privacy Officer How Will Information Security Support GDPR Compliance? The effective date of the EU’s General Data [...]

  • Security Leader’s Primer to GDPR

    Understanding GDPR: The Security Leader's (Really Concise) Primer July 11th, 2017 Adam Stone, Chief Privacy Officer and Principal As the effective date for the [...]

  • Trends in Data Breach

    June 29, 2017 Ed Snodgrass, CISO, Secure Digital Solutions On Friday, June 23, Anthem Healthcare agreed to settle a series of lawsuits related to the [...]

  • Hiring a Security Rockstar

    May 13th, 2017 Secure Digital Solutions CISO, Ed Snodgrass, recently had the privilege of writing for Forbes Technology Council. The title of the piece is "Looking [...]

  • Quest for Excellence in Cybersecurity Management

    April 10th, 2017 Adam Stone, Principal, Secure Digital Solutions Baldrige's recently-published framework raises the bar for information security leaders by tying cybersecurity program management to [...]

  • Cyber Risk is a Key Focus for Corporate Boards

    For organizations across industry sectors, digital commerce is the dominant vehicle to transact business and improve efficiency. Groundbreaking innovations in computing potential accelerate the speed of change [...]

  • Investors’ Top Five Cyber Security Questions

    February 16th, 2017 In the wake of numerous high profile cyber attacks against global businesses, including Sony, Target, and eBay, investors and boards alike are [...]

  • Preparing for GDPR: Practical Guidance

    Save the Date! Preparing for GDPR: Practical Guidance for Getting Started Webinar: February 28th, 2017 10:30-11:15 a.m. CST If your firm provides products or services [...]

  • Five Popular Initiatives of Cyber Security Leaders in 2017

    With the new year approaching, now is a great time to celebrate the successes (and failures) of information security leaders and reflect on the challenges [...]

  • FFIEC Issues Updated Information Security Handbook

    By Adam Stone, Principal Consultant September 9th, 2016 The Federal Financial Institution Examinations Council (FFIEC) today announced a revision to their venerable Information Security booklet. [...]

  • How Measuring Process Maturity Exceeds a Binary Compliance Approach

    August 17th, 2016 By Corey Tower, CISM, PMP If you have ever been in charge of implementing an inaugural security program or have been asked [...]

  • 2016 Security Advisor Alliance

    Secure Digital Solutions is pleased to announce participation at the 2016 Security Advisor Alliance in Dallas, TX on September 21-22, 2016. SDS - 2016 [...]

  • Briefing on Cybersecurity Best Practices – July 20th, 2016

    Client Briefing on Cybersecurity Best Practices - 7/20/2016 Wednesday, July 20, 2016 from 7:30 AM - 9:00 AM As you know, cybersecurity is an ongoing [...]

  • Steps to Take Following Approval of EU Privacy Shield

    Adam Stone, Privacy Officer July 17th, 2016 Image Courtesy US Department of Commerce After political wrangling and delays, the US Department of Commerce [...]

  • Breaking Down Barriers to Effective Information Security

    June 9, 2016 By Mike Edlund, CISM A recent survey* was conducted by PricewaterhouseCoopers (PwC) and asked 9600 C-level leaders about obstacles to effective cybersecurity. [...]

  • How much information security is enough?

    By Chad Boeckmann & Adam Stone May 16th, 2016 Let’s talk about benchmarking. It’s a question our team receives from clients both large and small. When [...]

  • Process Maturity Assessments for Information Security

    Adam Stone, CISSP, CIPP, HCISPP, CHPS May 2, 2016 Over the past few weeks, SDS received lots of positive feedback from a recent post, Elevate [...]

  • Is Your Risk Leadership Asking the Right Questions?

    By Christophe Veltsos, PhD April 25th, 2016 A recent report by Deloitte entitled 10 Questions You Should Be Asking to Embrace Risk and Lead Confidently [...]

  • Elevate Cybersecurity Communication to Improve Executive Understanding

    By Adam Stone, Secure Digital Solutions April 11, 2016 A few weeks ago, my colleague, Tennelle Anderson, argued the need for a common language that [...]

  • Bringing Focus and Clarity to The Issue of Cyber Risks

    By Christophe Veltsos, PhD April 5th, 2016 Board directors and top leadership are under pressure to get a handle on cybersecurity risks. While the “security [...]

  • Five Takeaways to save your Healthcare Organization $1.5M

    By Chad Boeckmann, Secure Digital Solutions March 29th, 2016 The recent outcome at North Memorial Healthcare in Minneapolis, MN should be a stark reminder to [...]

  • Unifying the Message of Information Security

    By Tennelle Anderson, CISSP, CISA, CPA, Secure Digital Solutions I started out my career as an auditor. Then I moved into compliance. Now I’m a [...]

  • Incident Response – Minimize Damage from Ransomware

    By: Corey Tower, Information Security Consultant, CISM, CPPM Malware is like fashion – almost everything you are dealing with today or what seems popular was [...]

  • Ten Years of Information Security

    This November marks ten years since Secure Digital Solutions (SDS) began as a company delivering thought leadership to clients in a way that accomplishes business [...]

  • Controls Are for Auditors

    An Information Management Approach By: Chad Boeckmann, CISSP, CISA (CEO, Secure Digital Solutions) Consider this approach to information security: Controls are for auditors; processes are [...]

  • Playbook for the CISO

    What the COBIT Maturity Model Provides By: Chris Cathers, Secure Digital Solutions In this new world of cyber threats, weekly data breach news and executive [...]

  • Seven Tips to Improve Security Audits

    Achieving an Efficient, Measurable Process By Tennelle Anderson, CISSP, CISA, CPA (Principal Security Consultant, SDS) When I transitioned from “Internal Audit” to “Information Security” more [...]

  • Demonstrating Value: The ISO’s Dilemma

    Security Takes People and Processes, as Much as Technology By Chris Cathers, Director of Business Development, SDS Value. This is the quintessential problem for information security [...]

  • Are You Speaking Risk?

    Clearing Up Garbled InfoSecurity Communication By Corey Tower, GRC Consultant trustsds.com “There is a Threat that can Exploit our Vulnerability – we should address [...]

  • Engaging the Board on Security & Privacy

    A Moment of Opportunity for Security and Privacy Leaders By Adam Stone, Privacy Practice Lead, SDS Following numerous major security breaches in the news in [...]

  • Privacy as Process Improvement

    What, Why, and Who: The Essential Questions By Patrick Midden, CIPP, CHPC, J.D. Some companies see complying with privacy requirements as a roadblock; a hindrance; a [...]

  • Observing 2015 Data Privacy Day

    Practical Steps to Protect Your Privacy By Adam Stone, SDS Privacy Practice Lead January 28th marks International Data Privacy Day! As such Secure Digital Solutions [...]

  • Cyber-Risk Handbook Issued for Boards

    Breaches Are Enterprise-Wide Risk Issue By Chad Boeckmann, CEO, Secure Digital Solutions This summer (2014), the National Association for Corporate Directors (NACD) acknowledged something we [...]