5 Things Your SaaS Company Should Know About GDPR

by    •   February 9, 2018
posted in Compliance & Customer Requirements

The General Data Protection Regulation (GDPR) goes into effect on May 25, 2018, and despite being a European Union regulation, its effects are far reaching, as we’ll explain below. Regardless of where a company is based, it is subject to GDPR if it collects “personal data” from a person physically located in an EU country, provided the collection relates to offering goods or services or monitoring their behavior. Thus virtually any website that collects data would be subject to GDPR. Many SaaS organizations may feel overwhelmed by these new regulations or unsure of how they will (or won’t) apply to them.

Despite the flood of information that’s been published about the new regulation, many SaaS companies are still unclear about what GDPR means for them, so in this post, we have provided a brief definition of the GDPR followed by five key points you should be aware of. Read more “5 Things Your SaaS Company Should Know About GDPR”

Threat Stack Takes Home Gold in the 2018 Cybersecurity Excellence Awards

by    •   February 8, 2018
posted in Award

The Winter Olympics haven’t even started, but Threat Stack has already taken home two Golds and a Bronze in the 2018 Cybersecurity Excellence Awards.

The Awards, which were announced yesterday, honored Threat Stack with:

  • Gold for Intrusion Detection & Prevention
  • Gold for Insider Threat Detection
  • Bronze for Best Cybersecurity Startup

Read more “Threat Stack Takes Home Gold in the 2018 Cybersecurity Excellence Awards”

How a Cloud Security Company Runs Its Security Council

by    •   February 5, 2018
posted in Business Insights, Cloud Security Planning

At Threat Stack, we believe in building a security culture that starts at the top and functions as a cross-organizational discipline. Achieving this goal requires education and transparency among business partners. That’s why we at Threat Stack have built our own internal security council, which meets regularly and reviews issues that are relevant and timely for our organization. Read more “How a Cloud Security Company Runs Its Security Council”

The Costs of Open Source & Point Solutions for SaaS Security

by    •   February 1, 2018
posted in Business Insights, Cloud Security Planning

As a SaaS company, your time and resources are valuable. You need to make solid, strategic decisions about where to focus your time and energy. You also need to ensure that your organization is secure and compliant in the ways that matter to you and to your customers.

When it comes to security tools, there are a few options:

  • Build your own
  • Buy a bunch of point solutions
  • Use open source security tools
  • Invest in a security platform

Read more “The Costs of Open Source & Point Solutions for SaaS Security”

How to Answer Tough Board-Level Security & Compliance Questions in 2018

by    •   January 31, 2018
posted in Cloud Security Planning, Compliance & Customer Requirements

GDPR. Meltdown. Spectre. SOC 2. Coming at you like mosquitos on a hot summer night, these topics are of top concern for board members and security teams alike this year. But what do you do when these issues really aren’t of concern to your particular organization? And how can you put your board and executive team at ease when these issues hit the news?

Our CSO Sam Bisbee spoke about ways to handle and prepare for each of these hot ticket questions in yesterday’s webinar. You can view the entire webinar or read our recap below so you can begin preparing today. Read more “How to Answer Tough Board-Level Security & Compliance Questions in 2018”

Upcoming Webinar: “5 Security & Compliance Questions Your SaaS Business Should be Prepared to Answer in 2018”

by    •   January 29, 2018
posted in Business Insights, Compliance & Customer Requirements

Live January 30 at 1:00 p.m. EST (10:00 a.m. PST)

Click here to register.

Today’s headlines are full of dire news about the latest cybersecurity threats, and without fail, these blur the lines between hype and reality.

As a security, technology, or product leader, you need to separate fact from fiction so you can give your stakeholders an accurate picture of the security and compliance issues your company is facing along with a realistic plan for how you intend to manage them. Read more “Upcoming Webinar: “5 Security & Compliance Questions Your SaaS Business Should be Prepared to Answer in 2018””

How SaaS Companies Can Build a Compliance Roadmap for 2018

by    •   January 26, 2018
posted in Compliance & Customer Requirements

As a SaaS company, compliance is probably the last thing you want to think about as you kick off the new year. It can be complicated, but meeting compliance requirements can also open up new markets, speed up your sales process, and improve your company’s overall security posture. When it comes to improving your security maturity, compliance can serve as a useful part of your strategy.

Entering new markets, whether you’re targeting specific industry verticals or going after international customers, requires continuous education and awareness about the latest in compliance and regulatory standards as they relate to data privacy and security. With that in mind, this post takes a brief look at key standards in order to give you insights into the security and privacy requirements that may be pertinent to the way your SaaS company engages with prospects and customers and handles sensitive data. Read more “How SaaS Companies Can Build a Compliance Roadmap for 2018”

How to Obtain Buy-in on Security Initiatives for Your SaaS Company

by    •   January 22, 2018
posted in Cloud Security Planning, How To Strengthen Security

Strong security is vital to any SaaS company, enabling platform stability and integrity while instilling confidence in potential customers.

There’s nothing new in this statement, but, with an eye on the bottom line, C-Level executives, board members, and VC firms often take a little more convincing when it comes to implementing new cloud security strategies — especially if it means shelling out cash for new solutions or team members. Obtaining buy-in for new security initiatives can be a time-consuming task requiring several layers of validation.

There’s a very real risk of security initiatives losing out to more obvious business drivers when it comes time for budget allocation. But as an IT or security team lead, it’s your job to advocate for security priorities. In this post, we’ll outline the steps you can take to get the green light you need for your cloud security strategy. Read more “How to Obtain Buy-in on Security Initiatives for Your SaaS Company”

Resources to Help You Carry Out Your 2018 Security Resolutions

by    •   January 15, 2018
posted in Cloud Security Planning, Customer Viewpoints, How To Strengthen Security

The other week we outlined a number of resolutions to put you on the path to a cyber-secure 2018. In this post we’re going to direct you to some of the resources we produced in 2017 that will help you carry out those resolutions.

2017 was an eventful year in the cybersecurity world — to say the least! It seems that every day a new threat or major breach was causing a stir — whether it was Equifax, the RNC voter data exposure, WannaCry, Uber, Alteryx, or — to start the new year — Spectre and Meltdown!

If you want to take a look at the World’s Worst Data Breaches, here you go. But we’re going to stick to our preferred approach: After you read the splashy headlines, look inward to make sure your own data and systems are secure. To help you secure and manage your cloud environments, we’ve put together a summary of a few of the great resources we produced in 2017. Read more “Resources to Help You Carry Out Your 2018 Security Resolutions”