Cybersecurity (risk) assessments and compliance audits are often considered one and the same. However, while related, these two approaches are different cybersecurity evaluation techniques. While compliance audits examine whether an organization’s IT security measures adequately meet a specific Standard (i.e., HIPAA, PCI, SOC, CMMC), cybersecurity assessments look at how effective those measures are and provide a…
Can Cyber Insurance Companies Accurately Determine Cyber Risk? Hardly a day goes by when we do not hear about a significant hacking event with serious repercussions. Organizations face downtime, loss of data, potentially significant fines, and issues with reputation. Little wonder that they are looking for protection through insurance policies at the same time as…
Security and compliance awareness training transforms a company’s greatest security risk — its people — into its greatest defensive asset. When companies empower their employees through security awareness training, they gain a host of unbeatable benefits like reduced security costs, increased compliance, and a big edge against cyberattacks. Over our 3 Part Series, each scenario…
Security and compliance awareness training transforms a company’s greatest security risk — its people — into its greatest defensive asset. When companies empower their employees through security awareness training, they gain a host of unbeatable benefits like reduced security costs, increased compliance, and a big edge against cyberattacks. Over our 3 Part Series, each scenario…
Security and compliance awareness training transforms a company’s greatest security risk — its people — into its greatest defensive asset. When companies empower their employees through security awareness training, they gain a host of unbeatable benefits like reduced security costs, increased compliance, and a big edge against cyberattacks. Over our 3 Part Series, each scenario…
10 SMB Data Breach Statistics ~ Small Businesses ARE NOT Immune The number of recorded data breaches in 2021 has exceeded the total number of events 2020 by 17%, with 1,291 breaches in 2021 compared to 1,108 breaches in 2020 More than 60% of breaches result from misused, stolen or purchased credentials An estimated 85% of data breaches involve a human element….
The Confusion between Penetration Testing vs. Vulnerability Assessment There seems to be a certain amount of confusion within the Information Technology arena about the differences between Penetration Testing and Vulnerability Assessment. They are often classified as the same thing, when in fact they are not. Penetration Testing is more aggressive and intrusive, it goes a…
2020 saw a lot of changes, and not just in the personal sector of our lives. At the beginning of the year, the US Department of Defense (DoD) – recognizing a growing need for increased cybersecurity – released a new certification system for all of its contractors and subcontractors. The Cybersecurity Maturity Model Certification…
Organizations rely on third-party vendors for a variety of services, from payroll processing to HVAC maintenance to information technology services. Every vendor relationship brings potential security risks, and shortfalls in one vendor can compromise sensitive data throughout the supply chain. Vendor management programs, service level agreements, and long-term monitoring are valuable tools for managing vendor…
Cyber security has become a priority for most organizations, and rightly so. Data breaches are a real risk, and cybercriminals aren’t going away. The “prohibition” approach (or “zero trust”), which limits access to web pages and applications, is a go-to model for data protection. But are security programs interfering with business performance? Research suggests that…