Top 5 Information Security Takeaways in 2018

Compliant does not always mean secure - this is one of the maxims held above all at Garland Heart. While being compliant with the regulations of your industry will cut down on the risk of an information breach, it does not mean that all the vulnerabilities in your system have been accounted for.

In order to get in front of any risks (proactive

Top Five Takeaways of Information Security in 2017

The nature of information security is that it is ever evolving. As we become more technologically advanced, new challenges present themselves. The key is to never become complacent, and always keep an eye out for advancements that can protect you, your team and your clients.


Regulatory compliance moves at a pace that attempts to keep up with

Compliant is NOT Always Secure


We are PCI Certified!  How did we get hacked?!?!?
We have a 1 on our FFIEC exam and still had this data breach?
There were no exceptions on their SOC report, but our vendor still had a compromise?
At Garland Heart, we have heard these comments and questions time and time again.  You have definitely heard them in the news.  Entities from big

Proactive Compliance

We understand the budget restraints and "rabbit hole" you can get yourself into regarding compliance and security. How much do I do before the cost outweighs the benefit?

Oftentimes while onsite with our clients we find ourselves discussing the balance between regulations or minimum standards compared to industry best practices or trends. They

ADA Website Compliance

As many of you have seen there are numerous companies, including community banks, receiving demand letters claiming the company's website is violating ADA (Americans with Disabilities Act) compliance. We wanted to help simplify it and give folks a plan of action. 
ADA Compliance for websites helps the visually impaired "read" your website

4 Ways Banks Prevent Security Disasters

In September, Yahoo became the latest company to admit it had a serious data breach. A suspected state-sponsored hacker had compromised the user data, which included security question answers, passwords, phone numbers and birth dates, of 500 million accounts. Many Yahoo users also trusted the company with their bank account and credit card

A Complete Guide to the Information Security Lifecycle

When it comes to the safety of your data and technology systems, it’s vital that your organization recognizes the reality of the “information security lifecycle.” By its very name, the info security lifecycle indicates that true information security is a process, not a “one and done” solitary project. Information security has no end-point, and

Why a Virtual CISO is the Best-Kept Secret in Information Security

The twin gas pedals of globalization and technology have increased the speed of business to the point where you can blink and suddenly not recognize the landscape around you. This is especially true when it comes to information security, where the very concept of “hacking” and data theft went from Hollywood science fiction to a pressing fact of

3 Key Guidelines for CISOs in the Era of the Cloud

Before the cloud, most business chose to store their data on internal servers they managed. Because of this, accessibility typically was limited to helping reduce how vulnerable a business's information was to hackers. With the inception of the cloud, companies have poured billions of dollars into this technology and the corresponding cyber

3 Tips to Encourage Collaboration In Your Organization's Security Processes

While information security has assumed top priority in many organizations, the steps that enterprises take to strengthen their overall cybersecurity often focus solely on improving the technology and processes involved in those efforts. Unfortunately, such a heavy focus on the technical mechanics of cybersecurity neglects the human side of the