.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
CIS Critical Security Controls V7.1 - What's New?
by Patrick Hughes on May 29, 2019 at 1:25 PM
The Center for Internet Security (CIS) is a non-profit information technology entity with a mission to safeguard organizations from cyber threats. CIS has created what’s known as the CIS Top 20 Controls. These are the global standard best practices for securing information technology …
Emotet Malware Warning From MS-ISAC
by Austin Wolfson on January 23, 2019 at 2:14 PM
In this blog we’ll be discussing the Emotet malware program, particularly regarding the most recent and ongoing malspam campaign using the Multi-State Information Sharing and Analysis Center (MS-ISAC), and State, Local, Tribal, and Territorial (SLTT) branding.
The NIST Cybersecurity Framework – The Recover Function
by Kyle Daun on July 19, 2018 at 10:30 AM
You made it! The hard work and determination to protect your organizational assets has paid off. You were able Respond to the cybersecurity event and mitigate the long-lasting damages that the cybercriminals tried to employ on you. Now that the event is contained and eradicated, recov …
WannaCry Lives On! Have we Learned Anything?
by Adam Cravedi on May 21, 2018 at 10:58 AM
As the one-year anniversary of the most widely spread ransomware attack approaches, WannaCry is still active in the wild. Fortunately, so is the “kill switch” domain, rendering the attack mostly benign. During the WannaCry outbreak MalwareTech, a UK-based researcher, discovered that W …
The NIST Cybersecurity Framework Functions - Protect
by Kyle Daun on April 30, 2018 at 1:34 PM
As promised in last month’s blog about the NIST Cybersecurity Framework Identify function, this month we are discussing the Protect function. After an organization has addressed the five categories within the Identify function (Asset Management (ID.AM), Business Environment (ID.BE), G …
New Version of the Critical Security Controls Released
by Geoff Yeagley on April 25, 2018 at 10:00 AM
Last month, the Center for Internet Security (CIS) released version 7.0 of the Top 20 Critical Security Controls. This represents a significant revision from the previous version (6.1) and introduces some interesting changes. Before we dig into the changes to the controls, if you are …