.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
The NIST Cybersecurity Framework - The Detect Function
by Geoff Yeagley on August 2, 2017 at 2:10 PM
We are in our third part in a six-part series talking about the NIST Cybersecurity Framework and the core, or functions, of the framework. In the last 2 posts, we talked about the Identify and Protect functions of the framework and used the analogy of building a house. When you build …
The NIST Cybersecurity Framework - The Protect Function
by Geoff Yeagley on July 19, 2017 at 10:43 AM
For the second part of our series on the NIST Cybersecurity Framework, we are going to be discussing the Protect function. Last time we discussed the Identify function which talked about the need to really understand your critical infrastructure, your systems, and the risks associated …
Another Day, Another Major Ransomware Outbreak...
by Geoff Yeagley on June 28, 2017 at 5:00 PM
A little over a month ago, a strain of Ransomware called WannaCry made headlines due to the incredibly successful nature of the attack as it infected hundreds of thousands of users around the world. This ransomware was delivered through an unpatched vulnerability in the Microsoft Oper …
The NIST Cybersecurity Framework - The Identify Function
by Geoff Yeagley on June 21, 2017 at 10:19 AM
Last week we provided a very high-level overview of the NIST Cybersecurity Framework, the core (5 functions) of the framework, and the categories within each function.
What is the NIST Cybersecurity Framework?
by Geoff Yeagley on June 15, 2017 at 11:33 AM
One of the most common questions that we get here at Compass is “What is an IT Security Framework?” This is a great question as folks sometimes confuse the various frameworks with different compliance requirements or regulations that they must adhere to based on their business. If you …
What is PII? Important Distinctions in Information Security
by Sarina Resnick on June 12, 2017 at 11:00 AM
What Is PII? PII is the acronym that keeps getting thrown around but never seems fully understood. It stands for "Personally Identifiable Information." Knowing what it stands for is just as important as knowing why it is becoming increasingly important to the integrity of your cyberse …