.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
IT Risk Assessments and the SANS Top 20 - Part III
by Geoff Yeagley on February 16, 2016 at 10:56 AM
As we continue down our journey of discussing the importance of the SANS Top 20 Critical Security Controls, I want to make one important clarification that was brought to my attention by one of the readers of our blog. It should be noted that the controls that we are referring to in t …
The SANS Top 20, A Vulnerability Assessment, and Penetration Testing
by Geoff Yeagley on February 11, 2016 at 10:00 AM
The SANS Top 20 Critical Security Controls outline the 20 most critical controls that an organization should implement to ultimately reduce their overall risk of suffering a data breach. These controls were originally developed in 2008 by the NSA at the request of the Office of the Se …
PCI Compliance - New Requirements for Level 4 Merchants
by Geoff Yeagley on January 28, 2016 at 10:00 AM
Credit card breaches are not going away any time soon, that is for sure! While Healthcare breaches seem to be getting all the attention due to the sheer volume in records compromised, payment card data continues to be a prime target for hackers and organized crime entities.
IT Risk Assessments and the SANS Top 20
by Geoff Yeagley on January 26, 2016 at 10:14 AM
No matter what industry you are in, conducting a thorough IT Risk Assessment is critical to your organization for a number of reasons. First, it gives you a point in time measurement of how your IT Security posture compares to either various regulations or IT Security Frameworks.
Social Engineering - Mitigating Your Risk
by Geoff Yeagley on January 12, 2016 at 11:41 AM
As we look into 2016 and what trends are going to take place this year in the world of Information Security, there is one thing that we can predict with significant confidence: Employees will remain the biggest threat to your Information Security Program and ultimately the safety of t …
The HIPAA Risk Assessment: The First Step in a Long Journey
by Geoff Yeagley on December 11, 2015 at 10:20 AM
Every year, experts make predictions on what the following year is going to hold in terms of trends in the cybersecurity industry, what new threats we might face, and what impacts those threats might have on the average person. For years we heard about credit card security and the ass …