Information Security Maturity


August 31st, 2017 Ed Snodgrass, CISO, Secure Digital Solutions Here at Secure Digital Solutions (SDS), we get the opportunity to work with many types of customers and many types of security vendors. Each customer has a different understanding of the value of cybersecurity maturity and each vendor uses the term […]

What a word means depends on where you are


June 22nd, 2017 Secure Digital Solutions releases TrustMAPP® version 2.2 to align risk with process maturity. For the first time, security and business leaders can gain a comparative view of security maturity associated with identified risks. NEW FEATURES: Risk Register, Management and Program Management Overlay Options. TrustMAPP® now integrates risk, best practice […]

TrustMAPP® v2.2 Release Aligns Risk with Maturity





May 12th, 2017 Ed Snodgrass, CISO, Secure Digital Solutions Maturity is an interesting word. We’ve heard it throughout our lives and it’s had different meanings in different contexts. As a kid, we heard it from our parents regarding “growing up” and “being more mature”. We may not have understood it […]

Why do you measure cybersecurity maturity?









December 21, 2016 The original ideation leader behind TrustMAPP, Chad Boeckmann (@cboeckm), was recently asked to be a guest on the podcast “Down the Security Rabbit Hole” with Rafal Los (@wh1t3rabbit), James Jardine (@jardinesoftware), and Michael Santarcangelo (@catalyst) on the subject “The Business of Security”. In this podcast the crew discusses trends in information security management […]

The Business of Security





The Problem with Compliance Assessments Newly-minted information security leaders often learn that regulatory or contractual requirements are the primary business driver for their organizations’ security program. Tasked with developing a plan for implementing controls, these leaders turn to compliance assessments to understand the gaps between requirements and operational realities. Ultimately, […]

Where Compliance Assessments Fall Short, Maturity Assessments Rise to the ...


July 22nd, 2016 It is important to understand that information security maturity assessments are unique in outcome and value. Not surprisingly, there is still confusion about the differences between an information security process maturity assessment and the other types of security assessments traditionally employed (namely, risk-, controls- and compliance-focused assessments). We can […]

Information Security Maturity Assessments







In the past, executive members and decision makers would meet to discuss internal findings within an organization, and key decisions would be made without much assistance from external applications. With the advancement of technology and increase in easy-to-use external resources...

Support Metrics-Driven Decisions


Decision makers and executive teams of corporations have a lot of stress on their shoulders because one wrong decision can negatively impact the success of a firm. That is why these individuals expect the fine detail of any project or threat to be brought to the board members so that they can come to a comfortable decision. When it comes to information security, as a Chief Information Security Officer (CISO), it is your responsibility to demonstrate accurate and valuable...

Validating Importance of Information Security to Decision Makers