Stay Secure With These Intrusion Detection and Protection Techniques

by Sarah Harvey / June 14, 2023

Does your organization have robust processes and procedures in place to identify and contain threats in your environment? Are you confident that these processes can prevent security incidents and data breaches caused by common attack methods like malware, ransomware, DoS attacks, phishing attacks, and more? Establishing a strong intrusion detection and prevention system (IDPS) – although they are sometimes separately referred to as intrusion detection systems (IDS) and intrusion prevention…

Why Fintech Should Focus on Availability

by Sarah Harvey / June 13, 2023

Robinhood, an investing and trading platform, experienced every startup’s nightmare: service outages at a crucial time, leaving frustrated customers unable to trade. TechCrunch explains, “It’s perhaps the worst-timed bug in the history of the seven-year-old company, because it coincided with one of the biggest single-day gains in the history of the Dow Jones Industrial Average, and huge gains on the Nasdaq, as well. In all, markets gained $1.1 trillion in…

Writing a Change Management Policy

by Sarah Harvey / December 16, 2022

Policies and procedures are nothing new in the world of information security. One of the best things you can do to secure your environment is to develop detailed policies to keep your employees educated on the proper security processes that need to be implemented within your organization. Writing a change management policy is just one step you can take to better secure your organizational and IT systems. Every organization focuses…

Combining SOC 1, SOC 2, and PCI Audits

by Sarah Harvey / June 13, 2023

An organization may choose a combined SOC 1, SOC 2, and PCI audit for many reasons. First, there are compliance requirements. A PCI audit may be mandatory, but too narrow of a scope to be useful to user entities, so a SOC 1 or SOC 2 is needed. Second, there are logistical reasons. If you have to go through all three audits, why not consolidate the effort into one process?…

Internal vs. Third-Party Audits: Why You Need to be Leveraging Both

by Sarah Harvey / February 20, 2023

Internal Audits vs. External Audits Is an internal audit enough? Should you utilize both internal and external audits? This is an ongoing conversation in our arena. But at KirkpatrickPrice, we know that there is power in having both perspectives, especially when it comes to conquering your compliance goals. If you want to prove to your stakeholders that you’re willing to do everything you can to take control of the cyber…