Cybersecurity & Risk Management Blog

Breaches Blog Technical articles

February 25, 2020

What is the SIG Questionnaire?

The Standardized Information Gathering (SIG) questionnaire is used to perform an initial assessment of vendors, gathering information to determine how security risks are managed across 18 different risk domains.

11 minute read

All posts

February 25, 2020

What is the Vendor Security Alliance (VSA) Questionnaire?

The Vendor Security Alliance (VSA) questionnaire was ...

9 minute read

February 24, 2020

What is HECVAT (Higher Education Community Vendor Assessment Toolkit)?

The Higher Education Community Vendor Assessment Tool ...

10 minute read

February 20, 2020

What is Cross-Site Scripting (XSS)?

Cross-site scripting (XSS) is a type of security ...

9 minute read

February 19, 2020

What is Data Loss Prevention (DLP)?

Data loss prevention (DLP) is a set of processes and ...

12 minute read

February 18, 2020

What are the OWASP Top Ten?

The OWASP Top 10 is a regularly-updated report outlining ...

22 minute read

February 17, 2020

What is a Whaling Attack?

A whaling attack is a type of phishing attack that targets ...

9 minute read

February 13, 2020

What is HSTS (HTTP Strict Transport Security)?

HTTP Strict Transport Security (HSTS) is a web security ...

11 minute read

February 12, 2020

HIPAA Privacy Rule Summary and Compliance Tips

The Standards for Privacy of Individually Identifiable ...

16 minute read

February 11, 2020

Why is Third-Party Risk Management Important?

Globalization and increasing regulatory pressure means more ...

11 minute read

February 10, 2020

How to Comply With CPS 234

Prudential Standard CPS 234 Information Security (CPS ...

24 minute read

February 6, 2020

How to Manage Third-Party Risk

Engaging with third-party vendors for the provision of ...

14 minute read

February 5, 2020

Why are Security Ratings Important?

Security ratings or cybersecurity ratings provide risk ...

12 minute read

February 4, 2020

What is the Florida Information Protection Act (FIPA)? Compliance Tips

The Florida Information Protection Act of 2014 (FIPA) came ...

10 minute read

February 3, 2020

What Is Email Security? And What Are Best Practices?

Email security refers to various cybersecurity measures to ...

21 minute read

January 30, 2020

What is Penetration Testing?

Penetration testing, pen testing or ethical hacking, is the ...

12 minute read

January 29, 2020

Why is Vendor Risk Management Important?

Engaging third-party vendors for the provision of goods and ...

11 minute read

January 28, 2020

What is NIST SP 800-171? Tips for NIST SP 800-171 Compliance

NIST Special Publication 800-171, Protecting Controlled ...

13 minute read

January 23, 2020

What is Cybersecurity Performance Management?

Cybersecurity performance management is the process of ...

9 minute read

January 22, 2020

What is NIST SP 800-53? Tips for NIST SP 800-53 Compliance

NIST Special Publication 800-53, Recommended Security ...

11 minute read
1 2 3 4 5
❯❯
quote end

Chuck Adkins

VP of Technology
New York Stock Exchange
NASA Logo Dark NYSE Logo Light
Morningstar Logo Light Akamai Logo Light
Bill Com Logo Light IAG Logo Light ICE Logo Light ADP Logo Light
"Before, we needed an army to reconcile all of our changes. Now, we have an automated, scalable process that strengthens our regulatory stance, expands our coverage, reduces operational risk, and allows us to continuously improve our IT operation process."

Featured in

Washington Post Logo Techcrunch Logo
Forbes Logo New York Times Logo
Gizmodo Company Logo Bloomberg Company Logo

See UpGuard In Action

Book a demo with one of our cybersecurity specialists.