Security Leaders Journal


August 14, 2017 Ed Snodgrass, CISO, Secure Digital Solutions Frameworks are important. They lay the foundation for what will eventually be built. Whether building a structure, a vehicle, a medical device or a security program, the need to begin construction using an established set of requirements is critical. It allows […]

The Real Difference Between Frameworks and Compliance



June 22nd, 2017 Secure Digital Solutions releases TrustMAPP® version 2.2 to align risk with process maturity. For the first time, security and business leaders can gain a comparative view of security maturity associated with identified risks. NEW FEATURES Risk Register, Management and Program Management Overlay Options TrustMAPP® now integrates risk, best practice […]

TrustMAPP® v2.2 Release Aligns Risk with Maturity








May 12th, 2017 Ed Snodgrass, CISO, Secure Digital Solutions Maturity is an interesting word. We’ve heard it throughout our lives and it’s had different meanings in different contexts. As a kid, we heard it from our parents regarding “growing up” and “being more mature”. We may not have understood it […]

Why do you measure cybersecurity maturity?








March 24th, 2017 Ed Snodgrass, CISO, Secure Digital Solutions Protecting your organization costs money. It’s that simple, and there is plenty of noise in the marketplace telling you where to spend it. The amount of money it takes to do so is usually proportional to the size of the proverbial […]

Battle of the Budget






December 21, 2016 The original ideation leader behind TrustMAPP, Chad Boeckmann (@cboeckm), was recently asked to be a guest on the podcast “Down the Security Rabbit Hole” with Rafal Los (@wh1t3rabbit), James Jardine (@jardinesoftware), and Michael Santarcangelo (@catalyst) on the subject “The Business of Security”. In this podcast the crew discusses trends in information security management […]

The Business of Security





The Problem with Compliance Assessments Newly-minted information security leaders often learn that regulatory or contractual requirements are the primary business driver for their organizations’ security program. Tasked with developing a plan for implementing controls, these leaders turn to compliance assessments to understand the gaps between requirements and operational realities. Ultimately, […]

Where Compliance Assessments Fall Short, Maturity Assessments Rise to the ...