10 GDPR Resources for the Budget Constrained (Part 1)

Chris Williams Executive, GDPR, News, Security, SMB

The General Data Protection Regulation (GDPR) continues to be a major source of concern for IT staff across the US. It’s pushing these IT organizations outside their relative comfort zones and forcing them to adopt higher security standards. This includes many common sense best practices. Being found in non-compliance means paying dissuasively large penalties which could cripple SMBs. Organization’s with security programs that include information security audits and ongoing security program development will have a solid foundation of policies, controls and practices to build upon. For those still working towards GDPR compliance, there are some free tools and services that can be very helpful. Don’t get …

What you don’t know…

Rob Blumer Executive, Security, SMB

Picture this: A meeting is called to review a deal the Sales team has been chasing for over a year. You are a Software-as-a-Service or SaaS provider, the deal is over $500K annual recurring revenue and have a 5-year contract. Needless to say, you really want to win. It’s down to your company and your number one competitor. In that meeting, the first question from CEO is, “How do we win this?” The SVP of Sales responses, “We’re well positioned, our coach says it’s ours to lose the only thing left is the Information Security review”. All eyes turn to …

Information Security out of Necessity

Chris Williams Executive, Security

I was a Chief Information Security Officer. Not a virtual one. A human one. My name is Chris Williams. I’m a founder and Managing Partner at Perpetually Geek. My passion for information security grew out of necessity. Having worked at a document management firm where we began developing and hosting SaaS applications starting in the late ‘90s, we were considered cutting edge. We had strong executive vision and leadership, were attracting venture funding, building an impressive client book of top companies in the world, hiring top talent, and building our company for the future. All was right in the world. At that time, we were building out our infrastructure, including our own private cloud, and architecting our data centers for resiliency as we expanded our geographic footprint. It was …

The SaaS Provider Dilemma

Chris Williams Executive Leave a Comment

It used to be that SaaS providers could deal with security and compliance related items a couple times a year with limited focus and effort while attempting to check the most common customer-facing Information Security check boxes. This learned behavior evolved more out of necessity than anything else. Many SaaS providers can’t afford the cost to hire dedicated security personnel so existing IT staff are expected to take on Information Security responsibilities, in addition to their existing duties, with little to no further training or mentoring. This is “that” topic neither side wants to talk to the other about. Management …