All Things Compliance
NYDFS Cybersecurity Regulation: Two Years Later, Let’s Check-In
21 Min Read January 16, 2020
The Best Cloud Security Conferences to Attend in 2020
Securing your cloud infrastructure is a big job. You always need to be up to date on skills, tools, and technology. To help you keep up with the latest cloud security trends, emerging threats, and best practices, Threat Stack frequently offers tips on professional development.
With that in mind, this post offers a round up of 46 cloud security conferences, grouped by quarter, so you can easily plan your schedule for 2020. (Note: Events with dates and locations yet to be determined for 2020 are grouped separately, as well as events with multiple dates and locations throughout the year.) For the most part, we’ve focused on North America — but keeping in mind that security is a global issue, of course — we’ve also included a few key events that are being held in other locations. (more…)
2 Min Read January 15, 2020
Threat Stack Named One of Top 10 Best Places to Work in Boston
At Threat Stack, we believe that one of the most important ways to drive a successful DevSecOps program is through an organizational culture based on transparency and collaboration. We take this to heart and dedicate a lot of resources to making sure the Threat Stack team is set up to succeed in its mission of delivering the best cloud security and compliance solutions on the market.
That dedication was rewarded earlier this week when Built In Boston placed Threat Stack in the Top 10 overall “Best Places to Work,” “Best Midsize Places to Work,” and “Best Paying Companies” in Boston. (more…)
5 Min Read January 9, 2020
An Inside Look at the Evolution of Threat Stack’s SOC 2 Processes
For the Third Straight Year, the Threat Stack Cloud Security Platform Meets Security and Availability Standards Set by the American Institute of Certified Public Accountants (AICPA) With Zero Exceptions
For the third consecutive year, Threat Stack has achieved Type 2 SOC 2 Compliance in Security and Availability with zero exceptions. This year’s examination (by Schellman & Company) was our most rigorous and comprehensive to date, and once again underscored our commitment and ability to maintain rigorous security standards in our company’s technology, processes, and personnel along with the highest level of security and privacy for our customers.
Does this year’s achievement mean that we simply repeated what we did last year and the year before? Emphatically No! Given the ever-changing nature of cybersecurity challenges and technologies, being able to adapt is essential. At Threat Stack, we take pride in our ability to continuously learn and improve, and that’s exactly what we did to achieve this year’s results. To learn more about how Threat Stack has consistently improved its SOC 2 examination processes and expanded its scope to include new controls and functionality, let’s jump into the story of SOC 2 at Threat Stack. (more…)
3 Min Read January 7, 2020
A Cybersecurity Risk Assessment Checklist for Infrastructures in Transition
Dev and Ops teams constantly evolve their technology and procedures to increase speed and lower costs. Typically this leads to increasingly abstracted infrastructure, such as containers, container orchestration, and serverless infrastructure — and while this makes it easier for organizations to advance their technical, operational, and business goals, it simultaneously increases vulnerability to attack, reduces visibility, and challenges existing controls.
Since it’s always more difficult to secure infrastructure after it’s built, the best time to evaluate monitoring and controls is when infrastructure evolution is being planned. During the planning stage, Security and Operations teams can evaluate the interrelated factors that affect security and ensure that appropriate mechanisms are integrated directly into infrastructure design and operations from the outset. Done this way, security becomes part of the infrastructure evolution rather than an after-the-fact add on, and delivers an immediate ROI instead of posing an operational burden. (more…)
6 Min Read December 18, 2019
What Our Readers Liked in 2019
2019 is almost over, and it’s time for our year-end wrap-up.
We’re committed to helping you strengthen your cloud security and compliance so you can focus on your core business goals. So instead of another list of predictions or biggest breaches, we’ve rounded up some of our most-read blogs from 2019. These cover a broad range of topics, and together offer great advice on how you can identify risks, set priorities, and develop a sustained, proactive approach to maturing your organization’s compliance and security posture. (more…)
4 Min Read December 12, 2019
Threat Stack Supports Omada Health’s HIPAA Compliance, Hyper Growth, & Operational Efficiency
“We like dealing with Threat Stack because they offer a complete solution. Threat Stack backs up its technology with security insights and expertise through its Insight and Oversight services — while most of their competitors rely on partners to provide services.” — Bill Dougherty, VP Information Technology & Security, Omada Health
Omada Health is leading the digital revolution in chronic disease prevention and management. Specializing in the prevention and treatment of obesity-related chronic diseases, Omada also offers a hypertension program, and recently launched a mental health application focused on anxiety and depression.
Operating under HIPAA, Omada is highly regulated and places a premium on data and systems security. Bill Dougherty, VP of IT and Security, puts it this way: “As the leading provider of digital care, protecting the health information of our participants is of the utmost importance. Trust and safety are a core part of our brand.” (more…)