Making Sure Your Risk Management Isn’t a Wreck

by Mary Beth Warner / May 22, 2023

We’re all bad at risk. There, I said it. We as humans are fundamentally bad at the concept of gauging risk. Now, before the pitchforks and CRISC certifications get raised, let me give you a real-life example of why that is. Imagine you’re a seventeen-year-old, fresh out of high school and enjoying the summer before college. You’ve got a part time job, you’re participating in a few extracurriculars around town,…

6 Ways Employees Expose Businesses to Security and Compliance Risks

by Hannah Grace Holladay / April 12, 2023

Business managers and IT professionals are inclined to attribute employee-caused security failures to malice, ignorance, or laziness. After all, the business has security policies and procedures. Employees know about them or, at the very least, have signed a declaration affirming they know about them. The IT team has implemented secure systems.  And yet, employees often circumvent these systems and ignore information security policies, exposing the business to cybersecurity attacks and…

4 Ways to Minimize Risk in IoT Devices

by Sarah Harvey / June 14, 2023

Internet of Things (IoT) technology makes daily tasks easier. From smart home devices to entire smart cities, these interconnected devices are changing the way we interact, do business, and live our lives. But with any new technology implementation, there are risks involved, and this especially rings true for IoT. Because the demand for IoT devices is projected to rapidly increase -- Gartner predicts that the number of IoT devices in…

Who Owns the Risk?

by Sarah Harvey / June 15, 2023

We find that managed service providers (MSPs) are often reluctant to take responsibility for the risks that they pose to clients. Their clients, though, may assume an MSP does take hold of a particular risk – and here lies the problem. When this type of miscommunication occurs, it leaves major gaps in organizations’ security posture. So…who owns the risk? Shifting the Risk When an organization engages with one or more…

Risk Assessment Checklist – 5 Steps You Need to Know

by Sarah Harvey / April 12, 2023

What is a Risk Assessment? A risk assessment is a process by which an organization analyzes vulnerabilities, potential threats and risks to the organization's security posture and IT systems. Performing a risk assessment is a critical component of any Information Security program. Because it’s mandated by several frameworks (SOC 1, SOC 2, PCI DSS, ISO 27001, HIPAA, FISMA), organizations wanting to comply with these frameworks must conduct risk assessments on…