How to Scale Your Information Security Program as You Grow

by Sarah Harvey / June 15, 2023

It’s a great accomplishment for startups to meet compliance goals, like gaining SOC 2 attestation or becoming HITRUST CSF certified – but what happens after you receive your report? How do you continue to implement the lessons you learned and the controls you developed? What happens when a CISO or an IT director leaves the company? Will your information security program withstand your projected growth? These are all things to…

What is Web Application Penetration Testing?

by Sarah Harvey / December 15, 2022

According to Verizon’s 2019 DBIR, web applications are the top hacking vector in breaches. What does this mean for your business? Is your organization defending its web applications from hackers and cyber threats? Are you performing penetration testing on your web applications to validate your security efforts? Let’s discuss the risks associated with web applications and how KirkpatrickPrice’s penetration testing methodologies are effective and necessary for securing your business. Why…

5 Project Management Tips for Information Security Audits

by Sarah Harvey / June 13, 2023

When most people think of auditing, they automatically associate it with negative emotions such as stress or anxiety. At KirkpatrickPrice, we understand that undergoing an information security audit can be an overwhelming task for organizations, and we want to partner with you to ensure that we can alleviate as much of that stress as possible. However, while we have processes, personnel, and tools like our Online Audit Manager to help your…

Why Onsite Visits are the Smart Choice for Cloud Environments 

by Joseph Kirkpatrick / June 15, 2023

The National Institute of Standards and Technology, NIST, defines cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.” Cloud computing is both a transformative and disruptive technology that provides an opportunity to rethink the way organizations fix problems that have been around for a…

What is Network Penetration Testing?

by Sarah Harvey / December 15, 2022

Gartner says that by 2020, 60% of digital businesses will suffer from service failures due to their IT security teams’ inability to manage digital risk. What does this mean for your business? Is your organization defending its network from cyber threats? Are you performing network penetration testing to validate your security efforts? What is network penetration testing, and should you be doing internal or external? Let's discuss. Internal vs. External…