Wipro’s Data Breach: A Valuable Lesson for Managed Service Providers

by Sarah Harvey / December 16, 2022

In mid-April, KrebsOnSecurity reported that Wipro, one of India’s largest IT managed service providers, experienced a data breach impacting hundreds of thousands of their clients. The cause? An advanced phishing attack effecting a handful of employee accounts. These phishing attacks were then the gateway malicious hackers needed to target Wipro’s customers. What can we learn from this data breach? It all comes down to the need for effective third-party risk…

What is a SOC 1 Report?

by Sarah Harvey / April 12, 2023

What is a SOC 1 Report? Once you’ve made it through the evidence gathering portion of the SOC 1 audit process, our specialized team of professional writers will take the information gathered by our auditors and provided by you in our Online Audit Manager to create a final SOC 1 report. What is a SOC 1 report? It is a report that is based on the Statement on Standards for…

Explaining Audit Periods

by Sarah Harvey / February 15, 2023

The Difference Between SOC 1 Type I and Type II: The Audit Period While SOC 1 Type I audit engagements evaluate a service organization’s internal controls that could impact their user organizations’ internal control over financial reporting (ICFR) at a specific point in time, a SOC 1 Type II audit evaluates a service organization’s internal controls that could impact their user organizations’ internal control over financial reporting (ICFR) over a…

Smart Cities vs. Secure Cities: Is There Really a Difference?

by Sarah Harvey / June 14, 2023

With technology ever-evolving, federal, state, and local governments across the globe have implemented new tools and processes to make their cities more accessible, efficient, and secure. From IoT devices, including cameras, traffic signals, and public transportation to city management systems and public data, cities all over the world are making an effort to become “smart” cities. But an increase in new smart technologies comes with an increase in cybersecurity risks;…

What Does GDPR Mean for Marketing?

by Sarah Harvey / February 20, 2023

GDPR and Marketing: Why it Matters Has your organization considered the GDPR implications for marketing? Because of the misconception that GDPR is solely for lawyers and information security teams, many organizations don’t realize how their marketing activities impact their privacy efforts. GDPR is more than a data privacy law. Instead, GDPR is a mandate that affects how organizations market, collect, use, and store consumers’ personal data, so GDPR compliance and…