ClearOPS

We dropped our latest newsletter, Responsible. Every Tuesday! Subscribe to find out what happens next. clearops.beehiiv.com/p/responsible-…. .

You need help with security questionnaires. Not a SOC2 audit.

Don't get left behind. Join the movement. #ResponsibleAI

Join our growing newsletter on #ResponsibleAI clearops.beehiiv.com

Clear Answer Management: Generate revenue with better security! by @mcmccaffery producthunt.com/products/clear…

Security questionnaire response writing assistant

Here is our guide on how to write the Gen A.I. policy for your clients. clearops.io/blog/how-to-ma…

Ho, Ho, Hold the Holiday Gift Cards on ClearOPS Bridging the Gap between Privacy and Security clearops.substack.com/p/ho-ho-hold-t…

The most backwards practice in cybersecurity is to allow sales to answer secques and not also have them do due diligence on their own vendors for security compliance.

“Point-in-time security questionnaires are a legal requirement, not a preventive control. The number of third-party providers can be staggering, with security teams having to assess hundreds of providers,” he said.securityboulevard.com/2022/09/white-…

My 1FA is Probably Better than Your MFA on ClearOPS Bridging the Gap between Privacy and Security clearops.substack.com/p/my-1fa-is-pr…

Why ClearOPS Builds Automation Technology for vCISOs on ClearOPS Bridging the Gap between Privacy and Security clearops.substack.com/p/why-clearops…

@kelleymak You can't do security alone. That's why you need a #vCISO if you don't have an in-house team.

The most challenging part of security isn’t convincing people they need it, but providing actionable guidance on how to be secure To do that, everyone, not only the security team, needs context and data about how to make the right decisions. Security teams can help 1/

Wow! I guess #cybersecurity is a good industry to be in. cybersecurityventures.com/jobs/

Wouldn't it be easier if someone else helped you find them? Can a tool do that? Yes, yes it can.

We have been really focused on #risk #assessments recently. As required by SOC2 and ISO 27001, it forces you to put to paper the logic of your assessment of risks. The hardest part? writing down the risk.

@tomasfejfar @securitytxt @webflow @callmevlad Let's start a movement. Twitter #infosec - any help?

@securitytxt @_ClearOPS_ @webflow @callmevlad Hey @webflow! No response here? We understand there may be some technical challenges to the implementation, but no response does not seem right.

"The Challenges of Privacy and Security by Design" by @_ClearOPS_: clearops.substack.com/p/the-challeng…. @webflow, are you considering adding support for text files in the .well-known directory (RFC 8615) so that users can host security.txt files? (cc: @callmevlad)

#infosec vendors please never cold call personal phone numbers - it is a terrible practice. Most #security folks will block the number and may not do business with the vendor. I have posted about this before, but the number of vendor calls have significantly increased.

If you fill out a vendor risk questionnaire through a third party, you need to ask for a copy of the completed questionnaire for liability purposes.