What is the difference between a security program and security compliance?
When we start talking about security programs and standards, we need to also talk about security compliance. Unfortunately, these terms can start to blur together. To eliminate confusion, we define them here and explain how you will want to use them together to optimize your company’s information ...
Read More
Creating a Security Culture
Protecting your company requires a robust security program with documented policies and processes; but without consistent, thorough execution of those policies, your company isn’t actually any more secure. Program documentation, no matter how detailed or organized, doesn’t harden any targets on ...
Read More
5 Reasons Small Companies Avoid Cybersecurity and 5 Reasons You Shouldn't
Every company has valuable assets vulnerable to hackers. The size or stage of the company doesn't matter. All companies bear some degree of cybersecurity risk. Implementing a documented security program should be as foundational a task as devising your business model. Yet too many small compani...
Read More
5 Quick Wins to Improve Your Security Posture Instantly
Because of their size, small companies are especially vulnerable to cyber-attacks. Bad actors looking for quick wins are playing the odds that a small company has lax cybersecurity. That should be reason enough to start taking a closer look at the policies you have in place. But, if it’s not, cons...
Read More
A Guide to Common Security Standards
The growing number of security standards out there, each with their own acronyms and jargon, can seem overwhelming—but they don't have to be. We want to help provide some clarity. Here's an overview of five of the most common security standards. ISO 27001 NIST SP 800-171 and NIST SP 800-53 NIST Cy...
Read More
Answering Security Questionnaires
Do you have a customer that is asking you to fill out a security questionnaire as part of their "due diligence" process?  Does it make you nervous to start answering questions that aren't worded clearly or fall outside of your primary domain?   This post covers some of the basics for ...
Read More
Your First Security Hire
We often talk with companies that are thinking about hiring an FTE to help them with security. This post covers some of our thoughts and experiences in this area. As with many areas of security, there is no one size fits all approach that works here, but there are some pitfalls and ways to make [&he...
Read More
How to Improve the Security of Your Applications: A Starting Point
When we implement security programs, we often advise clients to build an inventory of their applications. There are a lot of things we can do when we know what our inventory is. We can do this right in the available tools developers are already using. This post covers one way to do this. APP INVENTO...
Read More
Security Culture: Vulnerable Dependencies
In the latest video of our Security Culture series, we talk about software dependencies. You can also listen in on our podcast. THE BASIC PROBLEM When we build software, we use lots of libraries that we didn’t write. They could be open source, they could be commercial, the...
Read More
How to Stay Secure While Working Remotely
In light of Coronavirus / Covid-19 and in particular, the key CDC recommendation that we implement social distancing (work from home), we wanted to try to write a helpful post about how to stay secure as a remote employee. Jemurai has always been remote-friendly, with e...
Read More

Deliver security your clients can trust

Excellent security for small companies to build a standards and audit ready cybersecurity program.
© 2021 Jemurai. All rights reserved.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram