Notes from the Field: Center for Internet Security Control 12 – Network Infrastructure Management

by Greg Halpin / November 17, 2023

In our increasingly busy lives, we often find ourselves making promises we can't keep. We promise to start our diet on Monday, but order in on Tuesday. We promise that this will be the year we take our dream trip, or finally learn French, or run a marathon. Maybe we promise that we'll implement the perfect network infrastructure. But life, as it often does, gets in the way. A company…

5 Reasons Why Marketers Should Care about Data Privacy

by Tori Thurmond / November 20, 2023

As a marketer writing this blog, trust me when I say that data privacy is one of the last things I want to think about when I’m trying to create the next best campaign.  However, by working at KirkpatrickPrice, I’ve learned the importance of data privacy to our role as marketers and seen that it can only make our marketing efforts more successful.    No matter what industry you work…

The Keys to a Successful Audit

by Tori Thurmond / January 10, 2024

An auditor can be seen as a nit-picky, negative, overly involved outsider coming into your environment, asking questions and looking for any control that’s insufficient. This mindset causes organizations to fear auditing and auditors, when in reality, an audit is a healthy habit and auditors are trained to help you better understand and protect your assets. Audits don’t need to be so intimidating. Instead, a successful, quality audit should include…

Auditor Insights: Where to Start with GDPR Compliance

by Mark Hinely / February 7, 2024

As GDPR becomes a more and more prevalent data privacy law, we want to give organizations four actions to start with when working towards GDPR compliance. These areas should help organizations understand what kind of personal data of data subjects that they have, where it goes, and what role (data controller or data processor) they fit into under GDPR. I chose the areas of data mapping, contract management, documentation review,…

Notes from the Field: Center for Internet Security Control 11 – Data Recovery 

by Greg Halpin / October 30, 2023

The client I was working with had undergone a management shakeup over the previous year. The CIO left and was replaced by someone who brought in several new managers. The result was a lot of IT and DevOps staff turnover. Many skilled staff who knew how everything worked at the company left amid the uncertainty. There were not enough senior people left to train all of the new hires. Without…