GRC
-
Data Governance and Data Management. Are they the same thing?
The terms Data Governance and Data Management are frequently used, and just as frequently, they are confused for one another. While they sound similar and are closely related, they represent distinct and complementary functions.…
-
Risk Intelligence & Threat Intelligence
Are you familiar with Risk Intelligence and Threat Intelligence? Do you think they are similar? I was asked the other day what the difference was between the two. So, I…
-
Cybersecurity Approaches and Regulations
We are all aware that cybersecurity is a pressing concern for businesses, regulators, and policymakers alike. However, what constitutes “reasonable” cybersecurity remains subject to interpretation. Understanding how regulators and lawmakers…
-
NIST AI Risk Management Framework 1.0 Overview
This Framework was released in January 2023, and provides guidelines to manage risks associated with AI systems, and it emphasizes key principles such as validity, reliability, robustness, explainability, privacy, and…
-
Key Updates in NIST Cybersecurity Framework 2.0
The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024 (exactly one year ago today), introduced several significant updates compared to CSF 1.1 (2018) to address evolving cybersecurity challenges and…
-
Incident Response using the NIST Guidelines
The National Institute of Standards and Technology (NIST) provides structured guidelines for incident response to help organizations effectively manage cybersecurity threats. These guidelines can be found in the framework for…
-
Enhancing GRC Efforts through Technology
By Jorge Castaneda Leveraging Technology and tools can help transform Governance, Risk, and Compliance Management. GRC is a crucial aspect of business operations, ensuring that organizations meet regulatory requirements, manage…
CyberCasta 