10 Top Tips For Better AWS Security Today

by KirkpatrickPrice / May 4, 2023

As an AWS user, you share responsibility for AWS security with Amazon. Amazon provides infrastructure and services, but businesses must ensure they use those tools in line with AWS security best practices. Businesses that fail to do so make it easier for bad actors to infiltrate their networks and exfiltrate their data. AWS security is a complex subject, but there are many straightforward security enhancements with minimal cost to the…

How to Implement a Data Governance Strategy

by KirkpatrickPrice / May 4, 2023

It’s almost a cliché to point out that data is an asset and should be managed accordingly. We all know data has value and that, when correctly leveraged, it helps businesses to optimize operations ranging from human resources to manufacturing to marketing. Recent advances in data science and machine learning have made data even more valuable. But the phrase “data is an asset” misses a vital detail. Data is an…

The Top 5 AWS Security Mistakes To Avoid

by Hannah Grace Holladay / April 12, 2023

AWS’s compute and data storage services are the beating heart of tens of thousands of businesses. That makes AWS security and compliance a matter of critical concern. It’s all too easy to make a configuration mistake that opens the door to bad actors intent on stealing data and infiltrating malware. For example, estimates put the proportion of misconfigured buckets on Amazon’s Simple Storage Service (S3) at 46%. In this article,…

The Impact of NIST Revision 5 on Cyber Threat Simulation

by Amelia Lewis / June 14, 2023

What’s New With NIST 800-53 and Penetration Testing? In September of 2020, NIST released Revision 5 to SP 800-53. Now, a year later, the changes will take effect on September 23. A common theme throughout this new revision is real-world simulation becoming an expected cybersecurity best practice for U.S. federal government agencies and contractors. The world of technology and cybersecurity is rapidly evolving. With new tactics and techniques uncovered every…

Ask the Expert: Penetration Testing

by Sarah Harvey / February 20, 2023

Penetration Testing for HIPAA Compliance Penetration testing is a critical line of defense when protecting your organization’s sensitive assets - especially Electronic Protected Health Information (ePHI). Penetration testing is the process of performing authorized security testing of an environment to identify and exploit weaknesses associated with the targeted systems, networks, and applications before those weaknesses can be exploited by a real attacker. When performed in support of HIPAA compliance, the…