Today's Edition: To ISO 27001, 27002, 27005, and Beyond!
Updated ISO publications stressing you out? We’re breaking down all the changes in this edition of Trusted, including:
- Introduction of risk scenarios
- Differences between event-based and asset-based risk identification
- Increased control details
- And more!
Join us for an in-depth look at ISO 27001:2022 in our March 9th webinar with Aprio!
Plus, an inside look at the latest Compliance Uncomplicated episode! Drata co-hosts Daniel Marashlian (Co-Founder & CTO) and Helina Medhin (Senior Community Strategist) talk to Yishai Beeri, the CTO of developer workflow optimization company LinearB.
5 Cybersecurity Challenges in Healthtech + How to Address Them
As healthtech grows, it’s becoming increasingly evident that keeping your systems secure goes beyond staying HIPAA compliant. This blog covers common cybersecurity obstacles in the healthtech world and strategies to overcome them, including:
- Legacy systems
- Privacy and data protection
- Additional complexity
- Consumer wearables
From Drata's Experts
ISO 27005:2018 vs. ISO 27005:2022
Wondering what the differences are between ISO 27005:2018 and ISO 27005:2022? Keep reading for a list of key changes.
How Long Does a SOC 2 Audit Take?
Discover how long it takes to complete a SOC 2 audit and how automation can help you get and stay in compliance faster.
ISO 27001:2022 vs. ISO 27002:2022
Five critical differences between ISO 27001:2022 and 27002:2022 to help you maintain compliance—check them out here.
Compliance Uncomplicated Episode 3: The Common Language of Security With LinearB
Listen along as Yishai shares his insights on the inevitable importance of automation in growth and his positive cross-departmental experiences incorporating compliance into LinearB. This episode discusses:
- Why now is the perfect time to get compliant.
- CISOs and creating a cross-developmental culture of security.
- Putting together a world-class tech team.
And then some.
Around the Web
Resources and Articles From Trusted Sources
The following articles highlight great insight and experience from security reporters, vendors, and thought leaders.
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022 | Krebs
How the U.S. Can Use Taxes to Improve Cybersecurity | Wall Street Journal
Sensitive US military emails spill online | TechCrunch
Fruit giant Dole suffers ransomware attack impacting operations | Bleeping Computer
DOJ Preps Antitrust Suit to Block Adobe’s $20 Billion Figma Deal | Bloomberg
From LinkedIn
Here are three principles Drata stayed laser-focused on as we began to accelerate our growth that may be helpful for you:
Prioritize Customer Feedback
It is gold. Whether you have 10 early customers or 100, the feedback from these earliest champions is uniquely valuable in your company’s journey. As a founder, you can actually meet with 100 customers in a relatively short period of time and learn what might take other companies years to learn and act on. These customers put their trust in us when there weren’t thousands already doing so—their impact is reflected in the product and GTM motion daily and we're forever grateful.
Ship Quickly
Act on that feedback! Ship quickly, learn more, and iterate again. Show progress in the direction your customers are eager for you to go. It will never be perfect, so it’s the team that moves quick, learns quicker, and iterates quickest that usually gets closest to perfection over time.
Invest in your Talent Strategy
Be intentional on culture as this is your opportunity to further differentiate and win, and it starts with your people. Define what culture is at your company, explicitly. Focus on culture add, not fit. Uphold and defend it and reward others for doing the same.
Via Adam Markowitz, CEO and Co-Founder at Drata
Secured Jobs
Jobs From the Community
Senior Manager Compliance Advisory - E-Business | Discover | Richmond, VA
GRC Risk and Compliance Analyst | JetBlue | NY
Cybersecurity Specialist - Cyber GRC | Ford Motor Company | Dearborn, MI
Have a role you want listed? Just reply to this email.
Trusted is produced by Drata's team of compliance and security experts.
Helpful Resources
Trusted is currently published twice a month and is designed to share the latest resources from around the compliance, risk management, and cybersecurity space. If you have suggestions or would like to include a recent article or podcast, please let us know.
Secured, The Drata Community
Trusted: Share our newsletter with others