Making Sure Your Risk Management Isn’t a Wreck

by Mary Beth Warner / May 22, 2023

We’re all bad at risk. There, I said it. We as humans are fundamentally bad at the concept of gauging risk. Now, before the pitchforks and CRISC certifications get raised, let me give you a real-life example of why that is. Imagine you’re a seventeen-year-old, fresh out of high school and enjoying the summer before college. You’ve got a part-time job, you’re participating in a few extracurriculars around town,…

How to Write a Cloud Security Policy for Your Business

by Hannah Grace Holladay / June 14, 2023

The major cloud computing platforms are more secure than the average on-premises infrastructure deployment. But “more secure” isn’t the same as “sufficiently secure.” Cloud security is a shared responsibility: cloud vendors provide the foundations, but it’s up to cloud customers to build secure systems. That’s unlikely to happen without a well-documented, comprehensive, and enforced cloud security policy (CSP). A cloud security policy sets security parameters for managers and employees, and…

Six Steps to a Bullet-Proof Disaster Recovery Plan (DRP)

by Hannah Grace Holladay / June 14, 2023

Unfortunately, in today’s modern threat landscape, it’s only a matter of time before your business faces a disaster. How would your organization cope if an employee deleted a production database? Could you continue to serve customers if a tornado took out your primary data center? How soon could you recover data encrypted in a ransomware attack or return to normal operations during a denial-of-service attack? Disaster recovery planning ensures your…

ISO 27001:2022 Updates: What Is Changing and Why Does It Matter?

by Hannah Grace Holladay / January 26, 2023

A revised version of ISO 27001 is expected this fall. When standards change, it’s natural for organizations to wonder whether it will impact their operations and compliance. Organizations about to undertake an ISO 27001 audit may hesitate until the new standards are published. In fact, the changes to ISO 27001 will not have an immediate impact on compliance, and there is no reason to postpone audit preparation. However, a new…

What is Disaster Recovery Planning (DRP)?

by Hannah Grace Holladay / February 22, 2023

In 2022, businesses are reliant on IT infrastructure. Whether it's on-premises, cloud, or outsourced infrastructure, IT supports day-to-day business operations, customer interactions, human resource management, communications, sales and marketing, financial management, web and mobile services, and more. Unexpected downtime in these areas can severely impact operations and cost thousands of dollars every minute. Has your business planned for how to deal with these kinds of threats? To prepare for such…