Choosing Between SOC 2 and ISO 27001 Audits

by Sarah Harvey / June 13, 2023

So you’ve completed a SOC 2 audit, how prepared does that make you for an ISO 27001 audit? How do you know whether your organization needs a SOC 2 attestation or an ISO 27001 certification? For organizations working toward security compliance, deciding between these two audits depends on a few factors. While these audit frameworks are different in many ways, they also share some core similarities that make it difficult…

Creating Effective Network Diagrams and Data Flow Diagrams

by Sarah Harvey / August 21, 2023

The Importance of Network and Data Flow Diagrams Network diagrams and data flow diagram are called out in PCI Requirement 1; in fact, the PCI DSS puts so much weight on a good diagram that they include it in the first phase of the Prioritized Approach, which is the recommended method to remediate compliance gaps. But, PCI is not the only place where network and data flow diagrams are valid.…

Combining SOC 1 and PCI Audits

by Sarah Harvey / June 13, 2023

When a breach occurs in the financial services industry, it costs the compromised organization $210 per breached record – which is why we get a lot of questions about SOC 1 and PCI audits from organizations in the financial services industry. How can you protect your data from threats? Should your company complete both audits? Are you able to consolidate multiple audits into one project? KirkpatrickPrice has developed the Online…

Mistakes Businesses Make When Preparing for Pandemics like Coronavirus

by Sarah Harvey / December 16, 2022

The Global Impact of COVID-19 It’s been nearly two months since China confirmed an outbreak of a novel coronavirus, COVID-19, in Wuhan. With over 93,000 confirmed cases reported globally, including more than 200 in the United States, countries across the globe have started to feel the impact of the virus. Industries like manufacturing, farming, travel, healthcare, finance, banking, retail, and technology have all taken a hit from the global outbreak,…

Stay Secure With These Intrusion Detection and Protection Techniques

by Sarah Harvey / June 14, 2023

Does your organization have robust processes and procedures in place to identify and contain threats in your environment? Are you confident that these processes can prevent security incidents and data breaches caused by common attack methods like malware, ransomware, DoS attacks, phishing attacks, and more? Establishing a strong intrusion detection and prevention system (IDPS) – although they are sometimes separately referred to as intrusion detection systems (IDS) and intrusion prevention…