risk3sixty is an information risk management advisory firm helping organizations build security, privacy, and compliance programs. On this channel we feature free webinars aimed at helping organizations learn about and develop strategies to manage their security, privacy, and compliance initiatives.
Website: www.risk3sixty.com
Whitepapers: risk3sixty.com/whitepaper/
Blog Posts: risk3sixty.com/blog/
Comments
Excellent! Congratulations
What is the demand for ISO 27001 vs SOC 2 in the US? Who usually gets certified in ISO 27001?
Thanks for the news briefing.
For 4.3, it's not just data to utilize the AI system; it's also training information
i like it 🖤
Where are parts 3 and 4, can't find them?
Comment to support such an important topic! At JetSoftPro, a software development service, we also always say that it's better to test your own cyber security than to leave it to real hackers :)
I'm new to the SaaS world and trying to get my startup off the ground. We have less than 20 employees, and one of the biggest challenges we're facing is ensuring our information security measures are solid, especially regarding access control. I recently heard about this resource called the "Comprehensive Access Control Policy Template" which helps with ISO 27001 compliance. It sounds perfect for what we need, but I can't seem to find a good template or guide to get started. Does anyone here have experience with ISO 27001 and can share a template or point me in the right direction? Any help or advice would be awesome!
Really liked your video. Thank you for sharing your insights on SOC 2. I had a question regarding the fundamentals of SOC 2 reports. Are there any resources you recommend for delving deeper into the specifics of scoping and the various types of SOC 2 reports?
I have newly launched a new SaaS. I am looking for suggestions on which one to choose. Also, can anyone tell me what's the cost for SOC 2?
thanks for the video
Despite many large and well-known companies obtaining ISO 27001 certification, there remains a significant number unaware of and not applying its standards to protect their information assets. This channel greatly assists me and future aspiring auditors in acquiring knowledge as comprehensive as yours.
While this channel might currently lack a large following, I believe that in the future, viewers will revisit its content due to the imperative of safeguarding their information assets amidst the rise of AI threats. Please keep uploading new videos. 🙏
Can a fresh Information Technology graduate take the certification or the requirements to get in PCI DSS?
This is very helpful! Thank you!
Thank you!
Good work. Thank you for this.
Very informative
Learn how one company tackled PCI Compliance and fraud related chargebacks, the compelling story of Secure Order Transfer (SOTpay)'s inception: kzread.info/dash/bejne/k4SAt9uqnLzOY8Y.html
This is very helpful thank you!
anybody got the spreadsheet?
Why does the timeline have to be so large? Couldn't this be implemented using a combination of dynamically changing form system operated using a combination of RAG and human expertise?
If a business uses Point to Point Encryption, how can you do its PCI DSS assignment?
Thanks a lot !
This is great! The link to the whitepaper is dead. Can you please share a fresh link? thanks
Such a great video ! this has helped me so much
I don't see the spreadsheet posted. Where can I download a copy?
Brilliant video and resource !!
thank you, Sir
Thanks for sharing this video. It is very informative notably relative to the cost justification of pen testing
Many thanks 👍👍
Everyone can get a copy of this doc from secureframe. docs.google.com/spreadsheets/u/2/d/1TQMMP05ReOd6XdsS3yk3xvTR8rMbtXE3H3P8pODJO8A/copy
14 comments, 11 of them asking for the spreadsheet that you referenced. That doesn't look good.
Do you have a session for discussion and tutorial on each requirement with respect to PCI 4.0
I keep hearing the word "SAS", what do you mean by that acronym?
(Saas) Service as a software
Thank you for sharing
Excellent stuff! Thanks!
Very useful information, a lot to unpack in such a short amount of time, thank you.
Where do we take the Certified ISO/IEC 27001 Foundation exam?
Check out IT Governance
11:17 Using machine accounts instead of AD service accounts is a bad practice. Each service running in this context on the server will have the same password, and more importantly, if an attacker gains local admin rights on the server, he has full control of the service as well. Adding the fact that you can't enforce policy with AD and use restrictions, this is not good advice. Actually, the best mitigation you forgot to mention is to add the domain service account to gMSA - Group Managed Service Accounts. This will automatically set a strong random password and rotate it automatically, as well as other hardenings on the service account itself.
The American Institute of Certified Public Accountants (AICPA) is the entity who governs the System and Organisation Controls (SOC2) framework
Thank you for the very insightful and informative explanations! There are many videos I've watched that explain Windows Active Directory concepts. This video and channel is the best one so far! Love how you include diagrams and talk about the focused concepts from start to end with points about defensive security concepts too! Keep inspiring man!
Thank you!
You guys mention the word "faylengths" a couple of times when speaking about maintaining the PCI program? How exactly do you spell the word and what are they? The word is mentioned in the video at 36:38 to be exact..
Very helpful, thanks for posting!
thank you