Risk Management – Everyone Needs a Seat at the Table
by Donald Mills on March 17, 2022 at 1:00 PM
In the security world there’s a common saying that compliance isn’t security and security isn’t compliance. I believe what gets missed in this saying is the role proper risk assessments and risk management play in marrying up security and compliance.
Compliance is NOT Security
by Kelly O’Brien on September 1, 2021 at 3:30 PM
Is maintaining compliance with current regulatory laws enough to protect your business from cybersecurity attacks? If you answered no, you are correct. Although often used synonymously, compliance and security do not mean the same thing when it comes to protecting your organization.
The Difficulties of Remaining Compliant in the New COVID Landscape
by Derek Boczenowski on November 18, 2020 at 1:00 PM
If there is one thing that everyone can agree on in these interesting times, it is that COVID-19 has upset the apple cart in lots of different ways. Everything from school to work to social gatherings has been disrupted and changed over the last eight months, and some of these changes …
Updates to MA 201 CMR 17 Data Breach Law
by Derek Boczenowski on February 1, 2019 at 1:00 PM
The Laws, they are a’ changin’… …to paraphrase Bob Dylan. And I’m speaking about privacy and breach laws. It would seem that every other day we hear of another set of customer data being compromised at another company. It could be just name and address, but it could be phone number, S …
The Dangers of a Written Information Security Program (WISP)
by Joel Goloskie on February 22, 2018 at 10:30 AM
This is a guest post that was written by Joel Goloskie, Esq. Joel is Senior Counsel with Pannone, Lopes, Devereaux, & O'Gara in Boston. Joel is a member of the firm's Healthcare, Litigation, and Corporate & Business Teams. Joel advises and assists his clients on the various int …
The NIST Cybersecurity Framework - The Protect Function
by Geoff Yeagley on July 19, 2017 at 10:43 AM
For the second part of our series on the NIST Cybersecurity Framework, we are going to be discussing the Protect function. Last time we discussed the Identify function, which talked about the need to really understand your critical infrastructure, your systems, and the risks associated …