Why is Ransomware Successful?

by Sarah Harvey / June 14, 2023

What is Ransomware? Ransomware is the attack method that you’ve seen over and over again in the headlines and, unfortunately, it's not going away. Global outbreaks like WannaCrypt, Petya/NotPetya, and BadRabbit have made ransomware a household name. The FBI reports that over 4,000 ransomware attacks occur daily. Given its sophistication and the frequency of attacks, people ask: why is ransomware successful? How can it be stopped? Let's discuss…

Why Would a Healthcare Organization Need a SOC 2?

by Sarah Harvey / June 14, 2023

No one wants to work with an at-risk healthcare provider. If someone is looking to use your services, they want to know how secure your healthcare organization actually is. You may think that you have a secure healthcare organization, but does an auditor? With more and more healthcare security breaches being reported to the HHS, it’s more important than ever for covered entities and business associates to demonstrate their commitment…

HITRUST® Across Industries: Where the HITRUST CSF® v9.2 is Headed

by Sarah Harvey / December 16, 2022

Today, HITRUST released the much-anticipated HITRUST CSF v9.2. The changes reflect HITRUST’s effort to leverage international standards and expand adoption into new industries, such as financial services, travel and hospitality, media and entertainment, telecommunications, and startups. Changes in HITRUST CSF v9.2: The two major changes in the HITRUST CSF v9.2 surround its shift to an agnostic framework and the incorporation of international regulatory requirements. The HITRUST CSF v9.2 extracts healthcare-specific…

How Can a SOC 2 Bring Value to MSPs?

by Sarah Harvey / June 14, 2023

As vendors, managed service providers (MSPs) are sought out to help entities create and maintain a strong security posture – they shouldn’t bring more risk into their clients’ environments. When organizations engage with MSPs, they want to know how secure their organization really is and will often ask that the MSP undergo a SOC 2 audit before engaging with their services. So, while you may think that your services are…

SOC 2 Academy: Implementing Internal Controls

by Joseph Kirkpatrick / December 16, 2022

Common Criteria 5.1: When an organization undergoes a SOC 2 audit, auditors need to validate that it complies with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 5.1 says, “The entity selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels.” What will an auditor look for when assessing this criterion? What do organizations…