Penetration Testing Steps for a Secure Business

by Sarah Harvey / December 21, 2023

How to Secure Your Business Through Penetration Testing

Being prepared for cyber attacks and having the ability to fix the weaknesses within a system helps organizations avoid the consequences of data breaches. Not only are these breaches costly due to the accumulation of legal fees, IT remediation, and customer protection programs, but customer loyalty can be lost following a breach. By being aware and prepared for attacks before they happen,…

SOC 2 Compliance: The 5 Trust Services Criteria

by Sarah Harvey / January 25, 2023

What are the Trust Services Criteria?

Once your organization has decided that you are ready to pursue a SOC 2 attestation, the first thing you have to decide is which of the five Trust Services Criteria (TSP) you want to include in your SOC 2 audit report. Becoming familiar with the categories of security, availability, confidentiality, processing integrity, and privacy should be one of the first steps in your scoping process.…

Beginner’s Guide to PCI Compliance

by Sarah Harvey / February 23, 2024

Major credit card companies, including Visa, MasterCard, American Express, Discover, and JCB, acted against the increased number of data security breaches by coming together to create the PCI Security Standards Council. This Council developed a security standard for merchants that process credit card data, known as the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS encourages and enhances cardholder data security by providing globally recognized data security measures.…

Preparing for a HITRUST CSF Assessment

by Sarah Harvey / February 9, 2023

How to Prepare for a HITRUST CSF Assessment

If you’re managing healthcare data, it’s critical from a business and reputational standpoint to protect yourself from risk and maintain a strong relationship with your clients who are also trying to mitigate their risks. HITRUST certification is a great way to ensure this is happening. The HITRUST Common Security Framework, or CSF, is a certifiable framework that provides organizations with a comprehensive,…

5 Questions to Ask When Choosing Your Audit Partner

by Sarah Harvey / September 13, 2023

What would it cost you if your top client was not satisfied with the quality of your audit? In the current threat landscape, it’s absolutely crucial for organizations to find information security audit firms who take risk factors, security and privacy obligations, and cybersecurity seriously. In order to successfully protect your data and your reputation, you must first choose an audit firm. This can be an overwhelming task, but it’s…