.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
QR Code Package Scam: What You Need to Know
by Nicholas Foisy on February 14, 2025 at 1:14 PM
In recent months, reports of a new scam involving unexpected packages and QR codes have emerged, raising concerns among consumers and cybersecurity experts alike. This scam, which appears to be an evolution of the well-known "brushing" scheme, is designed to trick recipients into scan …
Aligning Zero Trust Principles with SOC 2 Trust Service Criteria
by Bernard Gallagher on February 11, 2025 at 4:20 PM
Achieving SOC 2 compliance requires organizations to implement rigorous security controls, and adopting a Zero Trust approach can significantly enhance this effort. Zero Trust is built on the principle of “never trust, always verify”, ensuring that access to systems, data, and applica …
CJIS Security Policy v6.0 – Key Updates You Need to Know
by Kelly O’Brien on February 10, 2025 at 2:15 PM
The Criminal Justice Information Services (CJIS) Security Policy v6.0, released on December 27, 2024, introduces significant modernization efforts aimed at enhancing security, compliance, and risk management in handling Criminal Justice Information (CJI). As technology and cyber threa …
Cyber Insurance in 2025: Navigating Emerging Threats & Trends
by Kelly O’Brien on February 6, 2025 at 4:20 PM
As we enter 2025, the cyber insurance landscape is undergoing transformative changes driven by escalating cyber threats, shifting regulatory requirements, and evolving market conditions. Businesses must proactively stay informed on these trends to safeguard their digital assets, optim …
How Can I Hire a Virtual CISO For My Business?
by Jeffrey Torrance on February 4, 2025 at 3:15 PM
As cybersecurity threats continue to evolve, businesses—especially small and mid-sized enterprises (SMEs)—are increasingly recognizing the need for strong security leadership. However, hiring a full-time Chief Information Security Officer (CISO) may not always be feasible due to budge …
New PCI Requirements Released for SAQ A Merchant Validation
by Kyle Daun on February 3, 2025 at 11:49 AM
The PCI Security Standards Council (PCI SSC) recently introduced significant updates for merchants validating their compliance using Self-Assessment Questionnaire A (SAQ A). These updates, part of PCI DSS v4.0.1, reflect industry feedback and evolving security concerns, particularly t …