Why is Ransomware Successful?

by Sarah Harvey / June 14, 2023

What is Ransomware? Ransomware is the attack method that you’ve seen over and over again in the headlines and, unfortunately, it's not going away. Global outbreaks like WannaCrypt, Petya/NotPetya, and BadRabbit have made ransomware a household name. The FBI reports that over 4,000 ransomware attacks occur daily. With its sophistication and frequency of attacks, it makes people think – why is ransomware successful? How can it be stopped? Let's discuss…

Why Would a Healthcare Organization Need a SOC 2?

by Sarah Harvey / June 14, 2023

No one wants to work with an at-risk healthcare provider. If someone is looking to use your services, they want to know how secure your healthcare organization actually is. You may think that you have a secure healthcare organization, but does an auditor? With more and more healthcare security breaches being reported to the HHS, it’s more important than ever for covered entities and business associates to demonstrate their commitment…

HITRUST® Across Industries: Where the HITRUST CSF® v9.2 is Headed

by Sarah Harvey / December 16, 2022

Today, HITRUST released the much-anticipated HITRUST CSF v9.2. The changes reflect HITRUST’s effort to leverage international standards and expand adoption into new industries, such as financial services, travel and hospitality, media and entertainment, telecommunications, and startups. Changes in HITRUST CSF v9.2 The two major changes in the HITRUST CSF v9.2 surround its shift to an agnostic framework and the incorporation of international regulatory requirements. The HITRUST CSF v9.2 extracts healthcare-specific…

How Can a SOC 2 Bring Value to MSPs?

by Sarah Harvey / June 14, 2023

As vendors, managed service providers (MSP) are sought out to help entities create and maintain a strong security posture – they shouldn’t bring more risk into their clients’ environments. When organizations engage with MSPs, they want to know how secure their organization really is and will often ask that the MSP undergo a SOC 2 audit before engaging with their services. So, while you may think that your services are…

Online Audit Manager

Choosing the Online Audit Manager: One Tool, Multiple Audits

by Sarah Harvey / February 5, 2024

Because of the complexity of today’s threats and the innovation of new businesses, it’s not uncommon for organizations to pursue multiple compliance goals at the same time. Let’s say you provide IaaS solutions – you may want not only a SOC 2 attestation, but also HIPAA compliance for the healthcare clients you serve. Let’s say you’re a payment processing SaaS who needs PCI compliance and a SOC 2 attestation. When…