Secure Your City: Public Transit

by Sarah Harvey / June 14, 2023

Public transit is integral to metropolitan areas. The public transit sector ranges from buses to trains, overground systems, underground systems, light rails, ferries, and more. New York’s Subway, London’s Underground, and Paris’ Métro are hallmarks of the cities’ cultures. But the growing dependence on and integration between public transit and technology opens up new areas of risks to cities with public transit systems. If a public transit system is compromised…

3 Types of Social Engineering Attacks on the Financial Services Industry: Would Your Employees Fall for Them?

by Sarah Harvey / December 16, 2022

Providing quality customer service is crucial for the financial services industry, but there are many potential pitfalls when your employees go above and beyond for your customers. Consider the number of sensitive assets that banks rely on every day to conduct business: Social Security numbers, credit information, PINs, cardholder data, mailing addresses, email addresses, account balances, and more. It’s all available and accessible to employees, which means that it’s susceptible…

Auditing Basics: What are Control Objectives?

by Joseph Kirkpatrick / February 15, 2023

What are Control Objectives? Control objectives are statements that address how risk is going to be effectively managed by an organization, and your auditor will be validating whether or not your organization meets these control objectives during a SOC 1 audit. The AICPA requires that the description of the service organization's systems includes specific control objectives and controls designed to achieve those objectives, and control objectives are typically presented in…

Auditing Basics: What is an Assertion?

by Joseph Kirkpatrick / February 15, 2023

What is Management's Written Assertion? At the beginning stages of the SOC 1 or SOC 2 audit process, an organization will be asked to provide management's written assertion to their auditor. This assertion lays the foundation for the audit because it is a written claim by an organization describing their systems and what it is their services are expected to accomplish for the organizations they do business with. It tells…

Ethical Hacking: Lessons Learned from Education Systems

by Sarah Harvey / February 20, 2023

What Security Threats Do Education Institutions Face? In today’s threat landscape, there’s no excuse for any industry to not be aware of the advancing cyber threats they’re faced with. For education institutions, this could be malware, ransomware, internal attacks, targeted attacks, and so much more. In this webinar, one of our expert penetration testers, Stuart Rorer, discusses why the education sector needs to be concerned about security risks, gives real-life…