Blog

Building a Cyber-Resilient Culture: A Webinar Recap

by Tori Thurmond / March 21, 2024

We recently had the opportunity to team up with CyberCX for our webinar, “Building a Cyber-Resilient Culture.” During the webinar, our President and Founder, Joseph Kirkpatrick, and the US Director of Digital Forensics, Chris Pogue discussed how company culture can lead to cyber resilience. If you weren’t able to attend the webinar but would like to hear Joseph and Chris’s entire conversation, you can listen to the full recording here.…

Using the Online Audit Manager to Complete Multiple Audits

by Abigail Raley / February 5, 2024

When completing multiple audits, it’s easy to become overwhelmed. You want to make sure that you’re taking the necessary steps to succeed, but you find yourself answering the same questions across multiple audits, using compliance tools that aren’t actually helpful, and working with multiple firms to meet all of your security and compliance needs. You want a quality audit across multiple frameworks, for yourself or your clients’ peace of mind.…

Why Data Mapping Is Critical for GDPR Compliance: A Comprehensive Tip Sheet for GDPR Compliance

by Suzette Corley / October 4, 2023

We understand how hard it is to keep up with today’s privacy expectations. Privacy regulations are constantly evolving, and maintaining compliant data privacy practices is overwhelming. One of the key aspects of building a compliant privacy program is learning where your data is, how it flows, and what regulations are affecting it. Data mapping, a GDPR requirement, is a great way to understand your data flow process as well as how to…

Security Awareness Training Compliance Requirements: SOC 2, PCI, HIPAA, and More

by Hannah Grace Holladay / August 9, 2023

Regularly training your employees is a critical component of compliance and security in your organization. The risk of an employee not understanding the potential security threats facing them as a frontline target could be just the opening that an attacker needs to create a security breach. This is why many information security frameworks and regulations, like SOC 2, PCI DSS, and HIPAA, have security awareness training compliance requirements. What are those requirements? What…

Notes from the Field: Center for Internet Security Control 09 – Email and Web Browser Protections

by Greg Halpin / September 13, 2023

A small SaaS (Software as a Service) client I worked with recently mentioned an information security incident they experienced a year ago in which the email account of one of their sales representatives was compromised via a phishing attack. The attackers gained the credentials of the sales rep, obtained email addresses of customers, and sent emails to the company's customers with false offers to buy discounted services. The attackers had scraped…

Building a Cyber-Resilient Culture: A Webinar Recap

Using the Online Audit Manager to Complete Multiple Audits

Why Data Mapping Is Critical for GDPR Compliance: A Comprehensive Tip Sheet for GDPR Compliance

Security Awareness Training Compliance Requirements: SOC 2, PCI, HIPAA, and More

Notes from the Field: Center for Internet Security Control 09 – Email and Web Browser Protections

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.