.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
The NIST Cybersecurity Framework - The Identify Function
by Geoff Yeagley on June 21, 2017 at 10:19 AM
Last week we provided a very high-level overview of the NIST Cybersecurity Framework, the core (5 functions) of the framework, and the categories within each function.
What is the NIST Cybersecurity Framework?
by Geoff Yeagley on June 15, 2017 at 11:33 AM
One of the most common questions that we get here at Compass is “What is an IT Security Framework?” This is a great question as folks sometimes confuse the various frameworks with different compliance requirements or regulations that they must adhere to based on their business. If you …
What is PII? Important Distinctions in Information Security
by Sarina Resnick on June 12, 2017 at 11:00 AM
What Is PII? PII is the acronym that keeps getting thrown around but never seems fully understood. It stands for "Personally Identifiable Information." Knowing what it stands for is just as important as knowing why it is becoming increasingly important to the integrity of your cyberse …
Phishing Examples: Grizzly Steppe and What You Need To Know
by Amy Johnson on March 1, 2017 at 10:00 AM
Within the past few years, Russian hacking has become a major issue in the United States. Not only has Russian Intelligence targeted political campaigns, they have also taken interest in other types of organizations who hold critical information. The Russians have developed a method o …
Vendor Management Requirements for Financial Institutions in New York
by Geoff Yeagley on December 12, 2016 at 9:29 AM
I recently wrote a blog post that discussed legislation in the State of New York that is set to take effect on January 1, 2017. This legislation will effect all financial institutions in the state around Cybersecurity and the development of a formal Cybersecurity program. Click here t …
Ransomware - The Hurricane of Information Security
by Geoff Yeagley on October 10, 2016 at 9:11 AM
I love how they name different hurricanes and honestly, outside of my own name, I would love to see a hurricane named Hurricane Ransomware. If you are like me and have the privilege of living in Florida, you recently experienced the joy of preparing for a major storm, Hurricane Matthe …