Blog

Notes from the Field: CIS Control 16 – Application Software Security

by Greg Halpin / April 3, 2024

Recently, I’ve been working with a small Software as a Services (SaaS) company, and it quickly became clear they didn't have much in place by way of security. They didn't have a documented policy. They didn't do code reviews. New code releases were deployed on the fly. They didn't do secure scans of code or the web application. They didn't have a web application firewall (WAF). The application database was…

The 3 Main Types of Security Policies in Cybersecurity

by KirkpatrickPrice / April 2, 2024

In 2020, security breaches cost businesses an average of $3.86 million, but the cost of individual incidents varied significantly. The main factor in the cost variance was cybersecurity policies and how well they were implemented. Cost mitigating factors include security best practices such as encryption and vulnerability testing, but board involvement in creating and enforcing security policies also had a substantial impact. Organizational security starts at the top, with clearly…

Securing the Sunshine State: A Guide to the Cybersecurity Liability Bill and NIST CSF 2.0

by Tori Thurmond / March 27, 2024

Did you know that 78% of publicly disclosed ransomware victims in Florida were local government entities, affecting cities, towns, counties, and school districts? With the ever-evolving cyber landscape, it can be difficult to stay ahead of threats even if you’re doing whatever you can to keep your organization secure. That’s why our Director of Advisory Services, Todd Atnip, hosted a webinar earlier this week diving into Florida’s proposed Cybersecurity Incident…

Expertise as Social Capital: 4 Unexpected Ways that Expert Access Will Put You Ahead of the Game

by Abigail Raley / March 21, 2024

When I started working at KirkpatrickPrice, I was only a month out of my MFA program. I had been studying poetry for two years, and I was brand new to the cybersecurity auditing world. In fact, I still am. I have questions every day about how to best support our clients, and with the threat landscape constantly evolving, it seems that there are always new problems to solve. KirkpatrickPrice’s founder…

A Bigger, Badder Villain: How to Face the Advanced Threats of AI

by Tori Thurmond / March 21, 2024

Every year in January, the KirkpatrickPrice team gathers in Tampa, FL for one of our biannual team meetings. This week is always a fun one where we get to reunite with our long-distance coworkers and discuss our goals for the new year. This January was no different. We had a great first week of 2024, but by Friday, some of us didn’t want the fun to end. We drove a…

Notes from the Field: CIS Control 16 – Application Software Security

The 3 Main Types of Security Policies in Cybersecurity

Securing the Sunshine State: A Guide to the Cybersecurity Liability Bill and NIST CSF 2.0

Expertise as Social Capital: 4 Unexpected Ways that Expert Access Will Put You Ahead of the Game

A Bigger, Badder Villain: How to Face the Advanced Threats of AI

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.