Data Security 101: Make Sure You Know Where Your Data Is and How It’s Working for You

by Randy Bartels / October 4, 2023

Data is the key to your operation. Make sure you’re keeping it safe. Whether it’s the data you receive from your customers, information you use to run your business, or the source code for your applications, data is at the very heart of any organization. Securing that data is job #1 for any information security program.  A good place to start is understanding where the data is, who uses it,…

6 Expert Tips to Help Craft Your Information Security Policy

by Mike Wise / April 5, 2023

When someone mentions the term “information security policy,” images of an archaic document held in a vault covered in dust, containing hollow words that no one actually knows come to mind. But is that what an information security policy is? The short answer is no. Building a culture of security at your organization really does start with an information security policy. Here are six key ways to help your organization…

Making Sure Your Risk Management Isn’t a Wreck

by Mary Beth Warner / May 22, 2023

We’re all bad at risk. There, I said it. We as humans are fundamentally bad at the concept of gauging risk. Now, before the pitchforks and CRISC certifications get raised, let me give you a real-life example of why that is. Imagine you’re a seventeen-year-old, fresh out of high school and enjoying the summer before college. You’ve got a part time job, you’re participating in a few extracurriculars around town,…

Notes from the Field: CIS Control 01 – Inventory and Control of Enterprise Assets

by Greg Halpin / June 14, 2023

The Center for Internet Security released Version 8 of its CIS Controls document in May 2021. If you are not familiar with the Center for Internet Security, it's a non-profit organization dedicated to making "the connected world a safer place..." The Controls document includes 18 information security controls that all organizations and information security professionals should understand and implement to protect their data, networks, systems, and other resources.  The clients I work with often…

Choosing an Audit Partner that Makes Sure

by Joseph Kirkpatrick / September 13, 2023

What does partnership look like when your organization is in the middle of an audit? When you choose a qualified audit firm to help you in your audit process, you are choosing a partner for an important compliance journey. How does the audit firm you choose support you? What practices does it implement that enable you to successfully complete your audit process? In what ways is an audit firm helping…