.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Critical Security Control 19: The Incident Response Plan
by Geoff Yeagley on May 17, 2016 at 12:16 PM
In the world of Information Security, we have all heard of the Center for Internet Security Top 20 Critical Security Controls (CSC's) which is formerly known as the SANS Top 20. This is a list of the 20 IT Security Controls that an organization can implement to strengthen their IT Sec …
Don't Let Ransomware Take Your Money: Use an Incident Response Plan!
by Geoff Yeagley on May 12, 2016 at 11:06 AM
I feel like all I have been writing about for the past month has been Ransomware. Obviously that is due to the fact that Ransomware is in the news all the time, every day, with new trends that are happening, new "victims" that are identified, and how these organized crime entities kee …
Ransomware Alert: Big Business and the Evolution of Phising
by Geoff Yeagley on May 3, 2016 at 1:20 PM
Ransomware is certainly nothing new as it has been around for several years, however, it sure is gaining quite a bit of attention these days. In fact, Ransomware is gaining so much attention that on Friday, the FBI released an article discussing the fact that ransomware is on the rise …
PCI Compliance - PCI DSS 3.2 By the Numbers
by Geoff Yeagley on April 26, 2016 at 10:00 AM
PCI DSS 3.2 is coming and that means some changes for Merchants and Service Providers and the steps that they take to mitigate their risk of a breach involving credit and debit cards. While change is inevitable, change can still be difficult,especially when you are talking about all o …
PCI Compliance - PCI DSS 3.2 is Coming!
by Geoff Yeagley on April 19, 2016 at 10:30 AM
PCI DSS 3.2 is on the horizon with a release date expected to take place by the end of April. The PCI Data Security Standards is now considered a mature standard, which means that there will be incremental updates moving forward, not wholesale changes like we have experienced in the p …
Phishing - Even the Security Folks get Targeted Part II
by Geoff Yeagley on April 7, 2016 at 9:30 AM
Phishing schemes come in all different forms, shapes, and sizes. Hackers and thieves are smart and they will do whatever they think they can do to get access to your sensitive information. Some of these methods include emails, social media "like farming", pre-text calling, etc. The co …