Articles

La Ley PLD (Prevención de lavado de dinero o LFPIORPI) fue diseñada para empresas que realizan al menos una de las 17 actividades consideradas vulnerables. No adherirse a ella puede resultar en multas de hasta 65,000 UMAs (más de $7.6 millones de pesos), clausura temporal o definitiva de tu negocio y en los casos más […]

If you’re in the car industry, you’ve probably heard about the TISAX certification, the information security standard for this sector. Major manufacturers like Volkswagen, BMW, Mercedes-Benz, Stellantis, and PACCAR increasingly require their suppliers to hold a valid TISAX label before doing business with them. This standard is not a legal obligation in the automotive supply […]

The NIS2 directive is the EU’s most ambitious cybersecurity law to date. It affects an estimated 160,000+ organizations across 18 sectors. If your organization operates in the European Union or provides services to companies that do, understanding its ins-and-outs is a legal must. Non-compliance with the NIS2 regulation can result in fines of up to […]

The ISO 9001 certification is the world’s most recognized standard for quality management. It proves that a company can consistently deliver products and services that meet customer needs while improving efficiency and reducing errors. More than a compliance checkbox, ISO 9001 gives businesses a structured way to organize processes, train teams, and keep customers happy. […]

Zero Trust Architecture (ZTA) is a modern cybersecurity framework built on a clear rule: never trust, always verify. It establishes that every user, device, and request must prove its legitimacy before gaining access to a network, its data, and its applications. Zero Trust security originates from the change in traditional network perimeters from the use of […]

As artificial intelligence embeds itself in day-to-day operations, the ISO 42001 certification has risen to prominence. Organizations, governments, regulators, and clients are now demanding higher standards of accountability from businesses who use AI to prove they handle it responsibly, transparently, and ethically. ISO 42001 is the world’s standard dedicated to the governance and management of […]

While building their internal cybersecurity program, most companies stumble into two frameworks: ISO 27001 and the NIST Cybersecurity Framework (CSF). Both offer ways to protect sensitive information, reduce risks, and meet compliance demands. Yet, they also serve different purposes. The challenge lies in figuring out which one of these frameworks to adopt, since this makes […]

Every financial institution or e-commerce company with a high volume of credit and debit card payments must understand PCI compliance. PCI, commonly referred to as PCI DSS, refers to a set of information security standards that define the requirements organizations must meet if they process, store, or transmit cardholder data. These were developed by the […]

If you’re a Quebec resident or do business in Quebec, you should know that Quebec’s Loi 25 doesn’t only require companies to protect personal data. It also demands a swift, structured incident response plan for when things go south. Having a concrete cyber security incident response protocol allows companies to alleviate the potential damage of data […]

Since September 2022, businesses with activities in Quebec or handling the information of its residents have had to progressively adhere to Quebec’s Loi 25, newest standard for privacy and data protection.  Loi 25 is an amendment to the former ‘Act Respecting the Protection of Personal Information In The Private Sector’, and introduces new guidelines that […]

Most companies ignore the consequences of non-compliance until they face the costs: difficulty to close deals struggling to enter and sell in new markets, or being subjected to regulatory fines. This happens either due to ignorance towards local regulations and responsibilities, or because they’re too focused on growing, to the point where they leave compliance […]

Quebec’s privacy and data security arena is transforming, and organizations are already racing against time to adapt. Mirroring the advanced privacy benchmarks set by Europe’s General Data Protection Regulation (GDPR), Quebec’s National Assembly unanimously passed Loi 25, also known as The Privacy Legislation Modernization Act, on September 21st, 2021. The regulation’s rollout consists of three […]