Blog

How Can Penetration Testing Protect Your Assets?

by Sarah Harvey / January 25, 2023

Every business has something to lose. But…who loses sleep over it? Whose job is on the line if assets are compromised? Who cares about protecting their assets? In recent data breaches, some companies just haven’t shown the expected response when they compromise assets. Take Uber, for example. The core of Uber’s business is drivers and riders, yet they covered up a hack for over a year. Hackers stole 57 million…

Protecting MSPs from Million Dollar Ransomware Attacks

by Amelia Lewis / June 14, 2023

The DarkSide Ransomware Attack on CompuCom On March 3, the IT managed service provider (MSP) announced they had fallen victim to a Darkside ransomware attack. The cybercrime group installed CobaltStrike beacons on several systems throughout the MSP’s environment. These beacons helped the threat actor steal data, spread the virus, and deploy ransomware payloads. The MSP expects the incident to result in losses of $20 million and counting due to the…

Preparing for a CCPA Audit

by Sarah Harvey / November 20, 2023

The California Consumer Protection Act gives consumers more rights related to their personal data and requires businesses to be more transparent about the way personal data is used and shared. The law applies to certain businesses that collect, use, receive or transmit the personal data of California consumers. Specifically, this law applies to for-profit businesses that do business in California and have annual gross revenues of over $25,000,000, buy, sell,…

Using NIST 800-53 vs. NIST 800-171 in a FISMA Audit

by Sarah Harvey / June 13, 2023

When any organization engages in a FISMA audit, their information systems are organized according to FIPS 199 and FIPS 200 to determine security categories and impact levels. Then, those systems are tested against a tailored set of baseline security controls. Depending on whether an organization is a federal agency or a private sector entity, different NIST publications of security controls may apply to the FISMA audit. How can you determine…

How to Prepare for a FISMA Audit

by Sarah Harvey / November 20, 2023

FISMA is U.S. legislation enacted as part of the Electronic Government Act of 2002, intended to protect government information and assets from unauthorized access, use, disclosure, disruption, modification, or destruction. To comply with FISMA, organizations must demonstrate that they meet the standards set forth by NIST SP 800 series. Unique to a FISMA audit, organizations can tailor the relevant security control baseline so that it more closely aligns with their…

How Can Penetration Testing Protect Your Assets?

Protecting MSPs from Million Dollar Ransomware Attacks

Preparing for a CCPA Audit

Using NIST 800-53 vs. NIST 800-171 in a FISMA Audit

How to Prepare for a FISMA Audit

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.