Johanson Group Blog
Choosing the Right QSA for Your Business: A Practical Guide
Feeling overwhelmed by PCI DSS v4.0? You’re not alone. It’s not just about checking boxes anymore—it’s about building a culture of security that works for your business, without driving you up the wall. One of the most important decisions you’ll make on this journey is picking the right Qualified Security Assessor (QSA).
Self-Attestation or Use an Auditor: What’s Best for Compliance?
A question that often comes up when considering compliance is whether to pursue self-attestation or enlist an independent auditor.
PCI Compliance Guide
Discover everything you need to know about PCI compliance, including compliance levels, benefits, a PCI 4.0 checklist, and the difference between compliance and certification. Learn why Johanson Group is your trusted partner for PCI compliance solutions.
Understanding CCPA Compliance
Understanding CCPA compliance is essential for businesses that collect, store, and process personal data. This comprehensive guide will break down the key aspects of CCPA compliance and provide actionable steps for businesses to adhere to this important legislation.
7 Common Myths About SOC 2: Debunking Misconceptions
If you're navigating the world of SOC 2, it's essential to distinguish fact from fiction. Let's debunk seven common myths about SOC 2 to help you better understand its importance and application.
Understanding SOC 2 Trust Service Criteria
If you're diving into the world of SOC 2 audits, you're likely familiar with the term "Trust Service Criteria." But what exactly are these criteria, why are they important, and how can you effectively incorporate them into your SOC 2 audit? Let's break it down.
ISO 27017 vs ISO 27018: Which Is Right for Your Business?
Among the most renowned certifications are ISO 27017 and ISO 27018, which focus on cloud security and personally identifiable information (PII) respectively. But what sets them apart, and which one does your organization need?
CCPA vs GDPR: Navigating Privacy Regulations
Discover the contrasts between CCPA vs. GDPR in our essential guide to navigating privacy regulations. Uncover key differences, similarities, and expert insights for safeguarding personal data effectively in today's digital landscape.
What is NIST 800-53?
One of the cornerstones of cybersecurity standards is NIST 800-53, a framework developed by the National Institute of Standards and Technology (NIST). In this blog, we'll dive into what NIST 800-53 is, its purpose, the benefits it offers, and best practices for compliance.