Compass IT Compliance Blog

PCI Requirement 4 – Hide in Plain Sight

This is the fourth blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. To read previous posts in this series, click on the links below: PCI DSS Requirement 1 PCI DSS Requirement 2 PCI DSS Requirement 3 Requirem …

WannaCry Lives On! Have we Learned Anything?

As the one-year anniversary of the most widely spread ransomware attack approaches, WannaCry is still active in the wild. Fortunately, so is the “kill switch” domain, rendering the attack mostly benign. During the WannaCry outbreak, MalwareTech, a UK-based researcher, discovered that W …

The NIST Cybersecurity Framework Functions - Detect

The third function that will be discussed is Detect. After we have identified the assets within our organization and have implemented ways to protect those assets, we need to implement measures to Detect cybersecurity incidents that may occur. This can be achieved with us …

Data Classification - Understanding the Basics

In the ever-expanding world of PCI DSS, and the emerging GDPR world, data classification is a concern that is often left unattended. Organizations that work with Compass IT often find value in tagging data that together we deem valuable if manipulated, stolen or destroyed. Organiza …

The NIST Cybersecurity Framework Functions - Protect

As promised in last month’s blog about the NIST Cybersecurity Framework Identify function, this month we are discussing the Protect function. After an organization has addressed the five categories within the Identify function (Asset Management (ID.AM), Business Environment (ID.BE), G …

New Version of the Critical Security Controls Released

Last month, the Center for Internet Security (CIS) released version 7.0 of the Top 20 Critical Security Controls. This represents a significant revision from the previous version (6.1) and introduces some interesting changes. Before we dig into the changes to the controls, if you are …
