Trends in Privacy, Breach Notification, Data Security Legislation in 2019

by Sarah Harvey / December 15, 2022

It’s hard to keep track of the different privacy, breach notification, and data security laws that exist in each state – but that’s the job of a thorough, expert auditor. Because of technology advancements and the implementation of GDPR, the momentum to update, amend, and create new legislation is elevated right now. Our mission is to educate you on the latest trends, legislation, and threats so that you can meet…

Most Common PCI Gaps

by Sarah Harvey / June 13, 2023

In the payment card industry, our auditors come across the same vulnerabilities and gaps time and time again across different organizations. Even for a retailer as big as Macy’s, security gaps showed up in full force when their payment card systems were breached in 2018.  Did Macy's security team take the time to mitigate the most common PCI gaps? Could they may have saved the millions of dollars by implementing…

November Breach Report

by Sarah Harvey / December 15, 2022

Every month there is headline after headline reporting about new data breaches. Whether it’s a ransomware attack, a negligent employee opening a phishing email, or a state-sponsored attack, millions of individuals are impacted by data breaches and security incidents on a regular basis. Let’s take a look at some of the top data breaches that occurred during November, how hackers compromised these organizations, and the lessons we can learn from…

CCPA Compliance and Your Marketing Team

by Sarah Harvey / October 4, 2023

CCPA Implications for Marketing It’s no secret that digital marketing is undergoing a major transformation – one that is centered on giving consumers more autonomy over the way their personal information is collected, used, stored, sold, and transmitted. Last year, we saw how the EU’s General Data Protection Regulation changed the international landscape of marketing, and 2020 will be the year the US really feels the brunt of the data…

Why Bother with an Information Security Program?

by Sarah Harvey / June 15, 2023

When headlines about companies like Capital One, Imperva, Marriott, Target, or Home Depot becoming victims of a data breach are released, we understand why small and medium size businesses start wondering if their efforts put towards an information security audit are worth it. If enterprise-level companies and household names can’t protect themselves, why should startups and smaller companies even try? If they can’t do it, no one else can either,…