ZenGRC

Simply Powerful GRC

Home » Resource Center » Blog

Blog

Found 1516 Results
Page 22 of 152

What Does PCI DSS Stand For?


In the digital age, where every transaction and click leaves a footprint, the security of payment card information has never been more crucial. Enter PCI DSS, a standard that has become synonymous with the secure handling of credit and debit card transactions. But what exactly does PCI DSS stand for, and why is it so […]

Double exposure of man hands holding a credit card and data theme drawing. E-commerce and technology concept

Tags: ,

December 28, 2023

Creating a Plan for Supply Chain Sustainability


The COVID-19 pandemic demonstrated the imperative for businesses to look beyond simple profit considerations when developing their supply chain management plans, to consider supply chain sustainability factors as well. Narrow procurement goals of cost, quality, and technology left many chief supply chain officers (CSCOs) ill-prepared for the fractured global supply chains and costly disruptions triggered […]

network of connected block nodes

Guide to CCPA Compliance Automation Tools


As global concern for data privacy escalates, governments worldwide are intensifying their efforts by implementing stringent data protection laws. One of the most comprehensive and impactful of these in the United States is the California Consumer Privacy Act (CCPA). This pivotal legislation sets a precedent for data privacy and imposes significant obligations on organizations that […]

automation focus on business outcomes risk-first approach

What is Protected Health Information (PHI)?


Stolen medical data is hugely valuable on the dark web — and the healthcare industry has many data breaches to prove it.  Healthcare data breaches increased by 55.1 percent in 2020 and cost healthcare organizations an estimated $6 trillion. The average cost of each breach was $7.13 million, the highest of any industry. More than […]

Doctor pushing button locked shield virus security virtual healthcare network medicine

What is Zero Trust Architecture?


Zero Trust Architecture (ZTA) is a security model that trains compliance teams and IT staff to never automatically trust any requests on their networks, even if they originate internally. The “never trust, always verify” mantra governs all access controls. Related to this concept, Zero Trust Network Access (ZTNA) specifically secures and monitors administrative connections to […]

computer screen with augmented reality shield with keyhole overlay

Preparing for FedRAMP


Many government agencies exist as businesses and organizations use cloud-based technology for various services. Cloud computing is the way of the future – but it also introduces new security risks to organizations using the cloud as a technology strategy. Many government agencies own susceptible data, which could have potentially devastating implications in the wrong hands. […]

U.S. Capitol Building with digital node overlay

What is Data Governance?


Data governance is the collection of policies and practices that an organization uses to assure that it can use its data assets effectively and efficiently to achieve its business goals. Typically data governance includes such concepts as data quality and data stewardship, which allow a company to control its enterprise data assets and metrics more […]

Big data technology and data science. Data scientist querying, analysing and visualizing complex data set on virtual screen. Data flow concept.

Tags:

What is a PCI Gap Assessment?


A PCI DSS gap assessment (sometimes called a PCI gap analysis) examines a company’s cardholder data environment (CDE) to determine compliance with the Payment Card Industry Data Security Standard (PCI DSS). A qualified security assessor (QSA) performs the assessment. An information security framework, the PCI DSS aims to help merchants and service providers protect credit […]

female holding credit card while typing on keyboard

Hybrid Cloud vs. Multi-Cloud: What’s the Difference?


In the beginning, there was “the cloud.” The concept was a bit fuzzy around the edges (like all clouds), but compliance officers understood what the term meant. The cloud was the ability of one company to provide computing, storage, and networking capabilities to other companies via the Internet — whenever the customer needed those services, […]

Server Racks Floating In Clouds

December 21, 2023

What Is the FedRAMP Marketplace?


The Federal Risk and Authorization Management Program (FedRAMP) is meant to assure the security of cloud services used by the U.S. government. It standardizes the security assessments, authorizations, and continuous monitoring of Cloud Service Offerings (CSOs) used by federal government agencies. With the help of FedRAMP’s guidelines and standards, federal agencies can assess whether a […]

Hand holding tablet with cloud technology and dark concept

December 20, 2023

Page 22 of 152

Ready to Experience Simply Powerful GRC?

×