• 700+ passport scans exposed at Abu Dhabi Finance Week, reports say. Here’s the vendor mistake behind it

    This Abu Dhabi Finance Week leak is a vendor risk case study, not a cyber mystery. The Financial Times and Reuters reported that a cloud environment linked to a third-party event vendor left scans of more than 700 passports and state identity documents accessible online via a web browser. The leak was discovered by security researcher Roni Suchowski, and the event reportedly hosted 35,000+…

  • Designing your dream GRC home part 5: how thoughtful experience turns good design into real adoption

    By Head of Client Solution Design, Lionel Matsuya. So far in this series, I’ve talked about foundations, connectivity, security, and wiring. These are the things that tend to dominate conversations about GRC platforms: scope, features, controls, automation, and capability. But there’s another layer that quietly determines whether any of that effort delivers value: that layer…

  • Cyber Essentials tightens in April 2026: MFA and patching can now fail you fast

    From April 2026, more organizations will fail Cyber Essentials. Not because the five controls are changing, but because the scheme is becoming far less forgiving of gaps between what you say you do and what is actually happening on systems day to day. Cyber Essentials has always been sold as baseline cyber hygiene. Baseline does…

  • Designing your dream GRC home part 4: wiring the house – making automation helpful, not burdensome

    By Head of Client Solution Design, Lionel Matsuya. If foundations set the purpose, and corridors shape the flow, wiring determines whether a house actually works in day-to-day life. And just as modern homes are filled with smart devices, sensors and integrations, today’s GRC environments are increasingly wired with automation, clever logic and AI. Here’s the central idea upfront: Automation in GRC technology isn’t about throwing in every…

  • A practical step‑by‑step guide to the Third‑Party Risk Management lifecycle

    Third parties keep modern businesses running. Vendors host systems, process data, deliver critical services, and sit inside day-to-day operations. That reality creates two truths at once: The problem is not that teams do not understand the risk. The problem is that a lot of third-party risk management (TPRM) programs were built for a simpler world.…

  • What CoreStream GRC is watching at the HCCA 2026: compliance trends to be aware of

    The 30th Annual Compliance Institute is coming to Orlando April 27-30, 2026, with a virtual option April 28-30. This is where healthcare compliance teams go to pressure-test what “good” looks like in practice. When enforcement risk is real, audits are relentless, privacy and security expectations keep shifting, and the business still has to move. What is the Health Care Compliance Association (HCCA)? HCCA is a US nonprofit that supports healthcare compliance…