by
Sarah Harvey / June 14, 2023
What happens after you receive your SOC 2 report? You’ve just used many resources – maybe even some that you were strapped to allocate – to go through a gap analysis, remediate the findings, and then begin the SOC 2 Type I and/or Type II audit. It’s a massive project that you should be proud to finish…but what now? What makes a SOC 2 audit successful? How do you make…
by
Sarah Harvey / December 16, 2022
In mid-April, KrebsOnSecurity reported that Wipro, one of India’s largest IT managed service providers, experienced a data breach impacting hundreds of thousands of their clients. The cause? An advanced phishing attack effecting a handful of employee accounts. These phishing attacks were then the gateway malicious hackers needed to target Wipro’s customers. What can we learn from this data breach? It all comes down to the need for effective third-party risk…
by
Sarah Harvey / June 14, 2023
With technology ever-evolving, federal, state, and local governments across the globe have implemented new tools and processes to make their cities more accessible, efficient, and secure. From IoT devices, including cameras, traffic signals, and public transportation to city management systems and public data, cities all over the world are making an effort to become “smart” cities. But an increase in new smart technologies comes with an increase in cybersecurity risks;…
by
Sarah Harvey / February 20, 2023
GDPR and Marketing: Why it Matters Has your organization considered the GDPR implications for marketing? Because of the misconception that GDPR is solely for lawyers and information security teams, many organizations don’t realize how their marketing activities impact their privacy efforts. GDPR is more than a data privacy law. Instead, GDPR is a mandate that affects how organizations market, collect, use, and store consumers’ personal data, so GDPR compliance and…
by
Sarah Harvey / June 14, 2023
Managed service providers (MSPs) have a unique role: they are entrusted by other organizations to fulfill some or all of their business functions. Often times, organizations hire MSPs to create and maintain strong security postures, and when these organizations partner with managed services providers, they want to know that they won’t bring more risk into their environment. So, how can they ensure that they won't increase risk? How Can MSPs…
