Preparing for a compliance audit…and why companies aren’t … Part 2 Steps to Compliance

In my last article I discussed compliance in an ideal world, but then talked about the reality that companies face regarding compliance efforts in the real world.  If you are ready to move your organization’s compliance and security posture closer to the ideal world, here are seven steps every IT organization should take whether they […]

Preparing for a compliance audit…and why companies aren’t

Ideal World: In an ideal world, a robust Information Security Program is a prominent feature of any IT or service organization’s security, compliance and audit strategy. An overseeing governance, risk and compliance committee, comprised of key stakeholders, would complete a risk assessment prior to a service being launched. Including having process and system risks […]

Sienna Group chosen for 20 Most Promising Compliance Technology Solution Providers

The Sienna Group is recognized by CIO Review magazine, as part of its annual listing, as a company at the forefront of providing compliance solutions and impacting the marketplace. Read the article in CIO Review Magazine. Visit our website.

Managing Controlled Unclassified Information (CUI) – Part Two of a Three Part Series

In my first blog on Controlled Unclassified Information (CUI), I discussed ways in which your organization could get started with the Defense Federal Acquisition Regulation Supplements (DFARS) compliance activities around CUI and the deadline of December 31, 2017.  Hopefully, everyone reading this part two of the three-part series has created the policies required to identify, […]

End-of-Year Security Assessment Checklist

We are closing in on another completed circle around the sun. A journey that has produced, yet again, more newsworthy data breaches that eclipsed those of yesteryear. Common headline, different time. Although these breaches are raising organizational and consumer awareness, we still commonly encounter two familiar end-of-year themes: Your organization is scrambling to execute […]

John Ford – IT Nation 2017 Featured Speaker

Transforming your MSP into an MSSP: You have a trusted and lengthy relationship with your customers, but now want to expand your business to include the opportunities within the IT Security arena. How do you communicate this without customers feeling you’ve been leaving something off the table in your current offerings? This session will provide […]

Getting Started with Controlled Unclassified Information (CUI) – Part 1 of a 3 Part Series

CUI appears to be the new buzzword for the end of 2017, especially for companies that are struggling with compliance with the Defense Federal Acquisition Regulations (DFARS) requirements and NIST SP 800-171. All is not lost, nor is it difficult to get started at this late date. Over the next month, I will discuss CUI a […]

Valuation of Trade Secrets

September 20 2017: In a series of articles devoted to trade secrets, Gowling WLG professionals share their knowledge to help you understand and manage trade secrets to use them as tools for competitiveness. This is the third of four articles that will make up the preamble for our upcoming conference on October 24. We […]

Data Classification…it just makes sense – One girl’s not so technical opinion

Data Classification: As a layperson in a world of information security professionals, it’s sometimes a bit daunting keeping up from a technical perspective. Throughout my career, I’ve tried to arm myself with enough technical knowledge to engage in a discussion; however, I knew that inevitably, I’d have to bring in the “big guns” when I started […]