https://www.latacora.com/categories/sales-enablement/Recent content in Sales Enablement on LatacoraHugo -- gohugo.ioen-usFri, 27 Jun 2025 11:09:35 -0500https://www.latacora.com/blog/2025/06/27/privacy-for-the-newly-appointed-and-already-exasperated-dpo/Fri, 27 Jun 2025 11:09:35 -0500https://www.latacora.com/blog/2025/06/27/privacy-for-the-newly-appointed-and-already-exasperated-dpo/<p>Every other week, regulators around the world bombard their constituents with new data protection laws and acronyms. As the person who was just <em>voluntold</em> you’re now responsible for privacy at your startup, in addition to all your other duties and without any additional resources, how can you possibly be expected to keep up—let alone contextualize that information to maintain compliance?</p> <p>Privacy, at its core, is an ethical issue, which means the solution to your privacy challenges is deceptively simple: <strong>do the right thing and be transparent with your customers.</strong> That’s it. That’s what everyone means when they say “privacy by design.”</p>https://www.latacora.com/blog/2020/03/12/soc2-starting-seven/Thu, 12 Mar 2020 13:49:00 -0400https://www.latacora.com/blog/2020/03/12/soc2-starting-seven/<p>So, you plan to sell your startup’s product to big companies one day. Congratu-dolences!</p> <p>Really, that’s probably the only reason you should care about this article. If that’s not you, go forth and live your life! We’ll ask no more of your time.</p> <p>For the rest of you: Industry people talk about SOC2 a lot, and it’s taken on a quasi-mystical status, not least because it’s the product of the quasi-mystical accounting industry. But what it all boils down to is: eventually you’ll run into big-company clients demanding a SOC2 report to close a sale. You know this and worry about it.</p>https://www.latacora.com/blog/2018/05/04/dumb-security-questionnaires/Fri, 04 May 2018 21:46:00 -0400https://www.latacora.com/blog/2018/05/04/dumb-security-questionnaires/<p>It’s weird to say this but a significant part of the value we provide clients is filling out Dumb Security Questionnaires (hereafter DSQs, since the only thing more irritating than a questionnaire is spelling “questionnaire”).</p> <p><a href="https://web.archive.org/web/20230520010350/https://danielmiessler.com/blog/third-party-security-questionnaires-are-security-theater/" target="_blank" rel="noopener noreferrer">Daniel Meiessler complains</a> about DSQs, arguing that self-assessment is an intrinsically flawed concept.</p> <p>Meh. I have bigger problems with them.</p> <p>First, most DSQs are terrible. We get on calls with prospective clients, tell them “these DSQs were all first written in the early 1990s and lovingly handed down from generation to generation of midwestern IT secops staff. Oh, how clients laugh and laugh. But, not joking. That’s really how those DSQs got written.</p>