3 Types of Social Engineering Attacks on the Financial Services Industry: Would Your Employees Fall for Them?

by Sarah Harvey / December 16, 2022

Providing quality customer service is crucial for the financial services industry, but there are many potential pitfalls when your employees go above and beyond for your customers. Consider the number of sensitive assets that banks rely on every day to conduct business: Social Security numbers, credit information, PINs, cardholder data, mailing addresses, email addresses, account balances, and more. It’s all available and accessible to employees, which means that it’s susceptible…

Auditing Basics: What are Control Objectives?

by Joseph Kirkpatrick / February 15, 2023

What are Control Objectives? Control objectives are statements that address how risk is going to be effectively managed by an organization, and your auditor will be validating whether or not your organization meets these control objectives during a SOC 1 audit. The AICPA requires that the description of the service organization's systems includes specific control objectives and controls designed to achieve those objectives, and control objectives are typically presented in…

Auditing Basics: What is an Assertion?

by Joseph Kirkpatrick / February 15, 2023

What is Management's Written Assertion? At the beginning stages of the SOC 1 or SOC 2 audit process, an organization will be asked to provide management's written assertion to their auditor. This assertion lays the foundation for the audit because it is a written claim by an organization describing their systems and what it is their services are expected to accomplish for the organizations they do business with. It tells…

Ethical Hacking: Lessons Learned from Education Systems

by Sarah Harvey / February 20, 2023

What Security Threats Do Education Institutions Face? In today’s threat landscape, there’s no excuse for any industry to not be aware of the advancing cyber threats they’re faced with. For education institutions, this could be malware, ransomware, internal attacks, targeted attacks, and so much more. In this webinar, one of our expert penetration testers, Stuart Rorer, discusses why the education sector needs to be concerned about security risks, gives real-life…

Secure Your City: Energy Sources

by Sarah Harvey / June 14, 2023

Cybersecurity attacks can strike where you least expect them. Would you expect the energy sector to be a target? The U.S. Office of Cybersecurity, Energy Security, and Emergency Response (CESER) states, “In today’s highly interconnected world, reliable energy delivery requires cyber-resilient energy delivery systems. In fact, the nation’s security, economic prosperity, and the well-being our citizens depends on reliable energy infrastructure.” The energy sector literally powers any city; it is…