Compliance

Benefits of ISA 62443 Compliance

A flexible framework to manage and mitigate present and future security risks in industrial automation and control systems is provided by the ISA/IEC 62443 series of standards, developed by the ISA 99 committee and adopted by the International Electrotechnical Commission (IEC). While many cyber security standards are successful in business IT environments, the ISA 62443…

TISAX Compliance

Information security is becoming increasingly vital in the digital era to preserve competitiveness. This is especially true in the automotive industry, where companies often exchange large amounts of sensitive data that must be protected from theft, loss, or manipulation. OEMs and their suppliers form one of the world’s most complicated supply chains. Several individual manufacturers…

Why HIPAA and GDPR cannot replace each other

It’s a misconception that GDPR and HIPAA can replace each other. Many companies misconstrue both compliance regimes. They think that HIPAA is for the USA, GDPR is for the EU, and both deal with personal information. They further think that implementing one means automatically implementing the other. Unfortunately that is not…

Difference Between SOC2 Type I and Type II Reports

What is the difference between a SOC2 Type 1 report and a Type 2 report? A SOC report helps organizations that provide a given type of service to another organization show the effectiveness of their internal controls environment. A SOC 2 audit provides both detailed information and assurance of the service organization’s controls relevant to security, availability,…

GDPR Compliance for Mobile Apps

Many mobile apps handle PII (Personally Identifiable Information), which can be as simple as a person’s name, phone number and address, or as complex as their fingerprint details captured via the mobile device and the app running on it. The GDPR (General Data Protection Regulation) mandates that the…

Tips To Implement GDPR For SaaS Based Products

While many companies are going for or considering GDPR implementation after 25th May 2018, there are quite a few that are still contemplating what to do about it. GDPR is not as easy to implement as ISO 27001 and requires a very different approach. This is especially true and gets further complicated…

Why Hackers Like The Healthcare Industries

To the question in the title, if I were a hacker I would ask myself, “why not?” It’s simple, really. Hackers always go for data that they can either use themselves or sell to earn money. PHI (Personal Health Information) or the EHR (Electronic Health Records) data is that form of electronic…

How To Select Your ISO 27001 Implementation Partner

When choosing an ISO27001 consultant or implementation partner, companies usually do not know the basis on which they should select the right vendor. Due to a lack of adequate awareness, and hence as a common practice, organisations choose an ISO27001 consultant company purely based on cost. Typical mistakes in implementing ISO27001 Compliance: All those who are…