Human Risk Management (HRM) Defined: What You Need to Know
by William DePalma on June 14, 2024 at 9:42 AM
Human risk management (HRM) is crucial for any organization aiming to minimize potential risks stemming from human behavior and decisions. It addresses employee errors, ethical lapses, and poor management practices, which can significantly impact an organization's operations and reput …
Tug-of-War: Balancing Security and Efficiency
by Justin Leach on May 26, 2023 at 11:00 AM
I find it helpful when explaining principles to think in extremes. So, when it comes to the principle of securing a system, what is the most secure? Let us use this computer I am typing on as an example. Off. That is the most secure. Let us even take the battery out, unplug everything …
Only YOU Can Prevent Cyberattacks This October (And Beyond)
by Brian Kelly on October 13, 2022 at 4:30 PM
Some of you may be old enough to remember Smokey the Bear. Created in 1944, the Smokey Bear Wildfire Prevention campaign is the longest-running public service advertising campaign in U.S. history. In 1947, Smokey’s slogan became "Remember... Only YOU Can Prevent Forest Fires".
Password Complexity – Going Beyond the Minimum Requirements
by Peter Fellini on February 23, 2022 at 1:00 PM
As the frequency and scale of cyberattacks have risen sharply over the past decade, we as end users have been repeatedly asked (and often required) to increase the complexity of our passwords. Back when the internet was in its infancy, the idea of creating a complex and tough-to-guess …
Zero Trust as Learned from My Grandmother
by CJ Hurd on February 2, 2022 at 3:00 PM
I have a line I use with my kids (mainly my teenagers, not so much my nine-year-old yet): “I trust you until I don’t”. They know the line well and sometimes will even finish it for me. I have raised them to hopefully make good decisions and to tell the truth, with the idea of keeping …
Elements of Quality Security and Privacy Awareness Training
by Patrick Hughes on September 3, 2020 at 3:00 PM
As information technology professionals, we often hear the term security awareness training. Most organizations know they need to be conducting continuous security awareness training, whether the goal is to check a box for a framework/regulation they must adhere to, or they genuinely …