Learning from MGM’s Mistakes: How a Quality Audit Can Help

by Tori Thurmond / September 15th, 2023

A $33 billion company breached because of a 10-minute phone call, and, according to vx-underground, all the hackers had to do was a simple search on LinkedIn.   You’ve probably heard about the MGM breach that happened earlier this week, but did you know that the attack was a result of social engineering? A notorious hacking group, ALPHV (aka BlackCat), searched one of MGM’s employees on LinkedIn, called MGM’s help desk,…

Notes from the Field: Center for Internet Security Control 10 – Malware Defenses 

by Greg Halpin / September 14th, 2023

The client I was working with had a web application hosted on a Windows server with the anti-virus software disabled. When I asked the head of Information Technology about it, he said the company's web application didn't work when anti-virus was running, so they couldn't enable it. They weren't concerned about it as they had a firewall in place with malware protection. I strongly advised them to reconsider that decision.…

Building a Cyber-Resilient Culture: A Webinar Recap

by Tori Thurmond / September 6th, 2023

We recently had the opportunity to team up with CyberCX for our webinar, “Building a Cyber-Resilient Culture.” During the webinar, our President and Founder, Joseph Kirkpatrick, and the US Director of Digital Forensics, Chris Pogue discussed how company culture can lead to cyber resilience.   If you weren’t able to attend the webinar but would like to hear Joseph and Chris’s entire conversation, you can listen to the full recording here.  …

Using the Online Audit Manager to Complete Multiple Audits

by Abigail Raley / September 5th, 2023

When completing multiple audits, it’s easy to become overwhelmed. You want to make sure that you’re taking the necessary steps to succeed, but you find yourself answering the same questions across multiple audits, using compliance tools that aren’t actually helpful, and working with multiple firms to meet all of your security and compliance needs. You want a quality audit across multiple frameworks, for yourself or your clients’ peace of mind.…

Why Data Mapping Is Critical for GDPR Compliance:  A Comprehensive Tip Sheet for GDPR Compliance 

by Suzette Corley / August 29th, 2023

We understand how hard it is to keep up with today’s privacy expectations. Privacy regulations are constantly evolving, and maintaining compliant data privacy practices is overwhelming.    One of the key aspects of building a compliant privacy program is learning where your data is, how it flows, and what regulations are affecting it. Data mapping, a GDPR requirement, is a great way to understand your data flow process as well as how to…