Archives

Ransomware Attacks and Small Businesses
Ransomware attacks are big news right now. According to US Secretary of Homeland Security Alejandro Mayorkas, ransomware attacks are up a whopping 300% over the last year. Sadly, major pipelines and meatpacking plants and their million-dollar ransoms are just two mid-2021 examples of how s...
Why we use NIST 800-53 as our base-level Security Standard
The SPIO platform helps small companies build, mature, and document their security programs. We designed the SPIO platform around the NIST 800-53 standard. It's the model for the policies, training, and task buckets we’ve created for our clients to use. Our clients don't have to start with NIST 80...
What is the difference between a security program and security compliance?
When we start talking about security programs and standards, we need to also talk about security compliance. Unfortunately, these terms can start to blur together. To eliminate confusion, we define them here and explain how you will want to use them together to optimize your company’s information ...
Creating a Security Culture
Protecting your company requires a robust security program with documented policies and processes; but without consistent, thorough execution of those policies, your company isn’t actually any more secure. Program documentation, no matter how detailed or organized, doesn’t harden any targets on ...
5 Reasons Small Companies Avoid Cybersecurity and 5 Reasons You Shouldn't
Every company has valuable assets vulnerable to hackers. The size or stage of the company doesn't matter. All companies bear some degree of cybersecurity risk. Implementing a documented security program should be as foundational a task as devising your business model. Yet too many small compani...
5 Quick Wins to Improve Your Security Posture Instantly
Because of their size, small companies are especially vulnerable to cyber-attacks. Bad actors looking for quick wins are playing the odds that a small company has lax cybersecurity. That should be reason enough to start taking a closer look at the policies you have in place. But, if it’s not, cons...
A Guide to Common Security Standards
The growing number of security standards out there, each with their own acronyms and jargon, can seem overwhelming—but they don't have to be. We want to help provide some clarity. Here's an overview of five of the most common security standards. ISO 27001 NIST SP 800-171 and NIST SP 800-53 NIST Cy...
Answering Security Questionnaires
Do you have a customer that is asking you to fill out a security questionnaire as part of their "due diligence" process? Does it make you nervous to start answering questions that aren't worded clearly or fall outside of your primary domain? This post covers some of the basics for ...
Your First Security Hire
We often talk with companies that are thinking about hiring an FTE to help them with security. This post covers some of our thoughts and experiences in this area. As with many areas of security, there is no one-size-fits-all approach that works here, but there are some pitfalls and ways to make ...
How to Improve the Security of Your Applications: A Starting Point
When we implement security programs, we often advise clients to build an inventory of their applications. There are a lot of things we can do when we know what our inventory is. We can do this right in the available tools developers are already using. This post covers one way to do this. APP INVENTO...

Deliver security your clients can trust

Excellent security for small companies to build a standards and audit ready cybersecurity program.
© 2019-2022 Jemurai. All rights reserved.