
All posts in Security

How to Run a Security Audit: The Ultimate Guide (+ Free Templates)


Readers, I’ll let you in on a little secret…

Between you and me, I was hacked, by my best friend no less! Thankfully, it was just an irritating prank, but it served to teach me a lesson.

Despite my grandiose beliefs that I knew everything I needed to know about all things digital, I hadn’t the faintest idea about how to tell a fraudulent message from a legitimate one. And this kind of threat is one of the biggest risks businesses face today.

In 2005, 157 data breaches were reported in the U.S., with 66.9 million records exposed. From 2005-2014 there was a 500% increase in data breach frequency.

That number almost doubled in 3 years to 1,579 reported breaches in 2017.

Although data breaches have since declined (1,506 issues were reported in 2019), IBM’s 2020 Data Breach report recorded a 12% rise in data breach costs over 5 years, increasing to ~$3.92 million per incident.

The growing number of breaches and associated costs seems to be a consequence of continuously changing hacking methods and an expanding number of entry points (which come from digitization).

Security audits allow organizations to set up tougher walls of safety, as an adaptive defense against data breach threats.

With this in mind, Process Street created this article as your ultimate security audit guide, with access to our free security audit checklists and processes.

We’ll be covering:

Let’s get started!

ISO 27001: The Secure Standard for Implementing & Auditing Your ISMS


The year is 2025. Over 465 exabytes of new data is generated each day. The global cybersecurity market is worth $241 billion. Your managed services provider is still using a process document dated March 2019, and you’re starting to regret not having gone with that ISO 27001 certified provider.

Hell, at this point you’re starting to think even an in-house ISMS (Information Security Management System) implementation would have been a better option.

But I’m getting ahead of myself; let’s return to the present. Is ISO 27001 all it’s cracked up to be? Whatever your stance on ISO, it’s undeniable that many companies see ISO 27001 as a badge of prestige, and using ISO 27001 to implement (and potentially certify) your ISMS may well be a good business decision for you.

In this article, we’ll take a look at the foremost standard for information security management – ISO 27001:2013, and investigate some best practices for implementing and auditing your own ISMS.

Here is a summary of what we’ll cover in this Process Street article:

If you just want the free checklist for implementing and auditing your ISMS, you can grab that here. Otherwise, read on!

Browser Security: The Best Browsers & Measures for Maximizing Online Safety


This is a guest post by Jack Warner. Jack is an accomplished cybersecurity expert with years of experience under his belt at TechWarn, a trusted digital agency to world-class cybersecurity companies. A passionate digital safety advocate himself, Jack frequently contributes to tech blogs and digital media sharing expert insights on topics such as whistleblowing and cybersecurity tools.

Why did you choose the browser you’re currently using?

If your answer is along the lines of “because everyone uses it”, you might want to rethink your choice.

Unfortunately, popularity is not inextricably linked to security. And in a world where cybercrime is ever more prevalent, privacy should be your utmost concern when you’re choosing a browser to surf the web. By 2021, online miscreants are expected to cause a whopping 6 billion dollars in damages. From a business perspective, you have no good reason to shoulder the risk that comes with a lack of sufficient browser security.

In this guest post for Process Street, I’ll discuss how different browsers fare at preserving your privacy and maintaining security, on top of providing ten tips to stop you and your team from falling victim to data breaches.

Read through the following sections to get clued up:

Let’s get started.


How to Incorporate Security Best Practices Into Your Workflow


This is a guest post by Sam Bocetta, a retired engineer and current freelance journalist who specializes in writing about cyber defense, data privacy, and online security.

Cybersecurity is a process, not an event.

Though there are some tools and systems that you can put in place to dramatically improve the security of your workflow, in reality the best way to protect yourself against hackers is to stay constantly vigilant for emerging threats.

For this reason, rigorous cybersecurity practices should be built into your general workflow. They should be an integral part of building a knowledge management system, and integrated into everyday business practices.

One of the most powerful ways of doing this, and one that will also ensure that you don’t miss anything important, is to use checklists to codify daily, weekly, and monthly security tasks.

This system should also clearly indicate responsibility for each task, and specify mitigation steps should any issues be found.

In this article, we’ll cover:

Before specifying the tasks that should be part of your security workflow, let’s look at why having a regular security checklist is so important.