Articles By Brian Rutledge

Brian Rutledge

Principal Security Manager

Brian Rutledge is a Certified Information Systems Security Professional (CISSP) in the cybersecurity industry for more than 20 years. He’s currently the security and compliance engineer at Spanning driving all audit compliance initiatives and managing the company's overall security posture. Previously, Brian was a PCI DSS Qualified Security Assessor (QSA) for Trustwave Holdings working with small business, banking, and enterprise clients to help them become Payment Card Industry compliant. Brian has worked in the telecom industry for notable companies like Verizon and MCI maintaining the Windows server infrastructure and driving vulnerability management programs. Brian has also worked as a navigation electronics technician aboard a US Navy submarine.

Countdown to GDPR #2: Privacy by Design and by Default

The deadline for compliance with GDPR is closing in and many of us are grappling with its regulations and their impact. In this blog series, we’re unpacking GDPR’s key provisions and exploring the implications for your compliance and technology teams. We started the series with Countdown to GDPR: The Right to Be Forgotten where we […]


Pointers for HIPAA Compliance in the Cloud

SaaS applications like G Suite, Office 365, and Salesforce are revolutionizing the healthcare industry with improvements to agility, connectivity, and accessibility. On the flip side, Public Health Information (PHI) breaches are also on the rise and proper data protection remains a top concern. That is because PHI data is incredibly valuable on the black market; […]


Countdown to GDPR: The Right to Be Forgotten

The EU General Data Protection Regulation (GDPR) deadline is looming, and no one’s entirely sure about its implications and compliance requirements. What we do know is that with GDPR the onus of compliance lies with both the data controller (primary data holders/managers/subscribers) and the Data processors (secondary data holders, SaaS/vendor apps). Or as Google put […]


Security Awareness Training: Trick or Treat Your Employees?

Real-life cybersecurity horror stories abound. The Equifax breach threatens most of our identities. The KRACK vulnerability makes the Wi-Fi networks we live on unsafe. Our vulnerable electronic voting systems threaten our democracy. Breach fatigue is real, not only among consumers, but businesses as well. In fact, most expect breaches to be inevitable. According to a […]


GDPR Advice for SaaS Companies

In an effort to expand the privacy rights of EU individuals, the EU General Data Protection Regulation (GDPR) places new obligations on any organization, no matter where it is based, that markets to, tracks or handles EU personal data. As you can imagine, the GDPR is the compliance talk-of-the-town for any company doing business in […]


The Global Impact of GDPR

The EU General Data Protection Regulation (GDPR) is fast-approaching with less than a year remaining for data controllers and processors to comply.  Non-compliance could result in legal action or large fines (up to 4 percent of an organization’s global turnover or €20 Million). As the deadline looms, companies around the globe who interact in any […]


[Whitepaper] Preventing a Ransomware Disaster

Ransomware is not just another cyberattack. It can quickly proliferate through shared folders, affecting both those within and outside the infected organization. All in all, it is costing businesses millions of dollars each year. Ransomware gains access to a computer system by way of a network’s weakest link, which is typically a user’s email or […]