The healthcare industry is at a turning point. The proposed updates to the HIPAA Security…
Seiso Notes
Our latest resources to help cybersecurity and business teams navigate the complexities of the cyber threat landscape together.
Featured Resource
Get Seiso Notes Delivered to Your Inbox
GRC and Compliance
2025 HIPAA Security Rule Guide and Compliance Checklist
Simplifying GRC to Drive Growth and Build Lasting Security
Managing GRC (Governance, Risk, and Compliance) effectively is essential to your business's long-term success. But don’t just check compliance boxes—build a GRC program that’s embedded into the DNA of your business. This not only strengthens your security posture but also provides long-term benefits, such as easier audits, stronger customer trust, and the ability to demonstrate security readiness to your board and stakeholders.
Information Security Policy Documents: The Roadmap to Your Secure Technology
Last Updated July 24th, 2023 How can I ensure my organization drives towards a secure…
A Timeline of Frameworks for Cybersecurity and Compliance
In the world of cybersecurity, IT and risk managers have long touted the benefits of…
CMMC - Get Ready, Now!
Introduction The defense of sensitive information against cyber threats has been highlighted as a critical…
When to adopt ISO 27001:2022
Technology changes fast. A decade in technology is a long time. While there are many…
Cloud Security
7 Cloud Security Mistakes You May Not Realize You’re Making
Cloud security is getting more complex. With each new tool and layer of protection, complexity builds, and so do the risks. Many organizations make common security mistakes without realizing it. If security feels overwhelming, it’s time to rethink your approach.
Seiso Earns Trusted Cloud Consultant Designation from Cloud Security Alliance
Pittsburgh, PA – Seiso, a fast-growing cybersecurity provider, is proud to announce that it has…
Assessing Environments Against Cloud Native Security Best Practices
The Cloud Native Security Controls Project simplifies compliance by mapping cloud-native best practices to frameworks like NIST 800-53. Learn how automation reduces toil, enhances security, and empowers teams to tackle compliance challenges with confidence.
Security and Tech Briefs
Exploiting Tableau Site-Specific SAML
On November 19th, Tableau announced a Critical vulnerability that allows “…an unauthenticated attacker to configure Site-Specific SAML settings and can lead to account takeover
KubeCon NA 2022 - Simpler is Secure-er
Last Updated November 2nd, 2022 There were plenty of hot topics this year at KubeCon…
SolarWinds Attack, Part Three - Turning Good Security Into Great
In parts one and two of this series, we talked about enhancing visibility into your…
SolarWinds Attack, Part Two – TPRM
Like all news-worthy attacks, much has been written about the SolarWinds attack, and there is…
SolarWinds Defense – Blue Team Perspective
SolarWinds Network Monitoring Systems have been a de-facto standard for network monitoring and defense for an extended period of time. The recent breach occurred by gaining access to the SolarWinds servers and replacing files that are part of the Orion Network Monitoring suite with...
SolarWinds, Part One – Supply Chain
The scope of the SolarWinds supply-chain attack continues to expand. Over the last two months,…
KubeCon & CloudNativeCon 2020 - Takeaways
The Seiso team recently had the pleasure of virtually attending the 2020 iteration of KubeCon…
Product Security
Top 5 Essential Tips for Building an Application Security Program
As threats become more sophisticated and compliance requirements grow stricter, it’s crucial for Chief Information…
Break the Waterfall Cycle: Do Agile
A project, defined by the Project Management Institution (PMI), is ‘a temporary effort to create…
Confronting the Conundrum: Software development speed vs. security
It has often been said — and to some degree tolerated — that myopic security…
Cybersecurity Strategy and More
5 Mistakes That Cost Millions During M&A
Understanding the Stakes In the world of Mergers and Acquisitions (M&A), the potential for growth…
Cybersecurity Maturity 101
With the announcement of the Cybersecurity Maturity Model Certification (CMMC) model and program, the practice…
Exploiting Tableau Site-Specific SAML
On November 19th, Tableau announced a Critical vulnerability that allows “…an unauthenticated attacker to configure Site-Specific SAML settings and can lead to account takeover
Penetration Testing Differentiators
What to Look for When Contemplating a Penetration Test for your Organization Seeking Clarity Having…
Seiso at TRISS 2024: What We Learned and What’s Next
At the 2024 Three Rivers Information Security Symposium (TRISS), Seiso joined Pittsburgh’s top cybersecurity minds to explore the latest challenges and opportunities in our industry. From proactive risk management to AI governance and the need for diversity, each session provided invaluable takeaways.
Steps to Establishing Cybersecurity Awareness
Awareness is a mindset -- it requires personal and organizational accountability across many domains. Machine security, password discipline, and data privacy to name a few. Good cybersecurity is part of your culture.
Tools Rationalization: Saving Your Security Budget Through Security Tooling Re-Evaluations
Evolving Capabilities A commonly overlooked process that many organizations can benefit from is the task…
Seiso News
Seiso Earns Trusted Cloud Consultant Designation from Cloud Security Alliance
Pittsburgh, PA – Seiso, a fast-growing cybersecurity provider, is proud to announce that it has…
Seiso Launches Cyber Resilience Strategy & Business Continuity
Expert Additions Bring Full-Service Crisis Management and Crisis Communication Capabilities to the Team February 26,…
Seiso LLC Appoints Eric Lansbery as Chief Operating Officer and Welcomes Him to the Ownership Team
For Immediate Release Pittsburgh, Pennsylvania, April 2, 2024 — Seiso proudly announces the well-deserved promotion…