Compass IT Compliance Blog

The NIST Cybersecurity Framework - The Identify Function

Last week we provided a very high-level overview of the NIST Cybersecurity Framework, the core (5 functions) of the framework, and the categories within each function. If you are curious and want to go back and review that post, you can find it here.

What is the NIST Cybersecurity Framework?


One of the most common questions that we get here at Compass is “What is an IT Security Framework?” This is a great question as folks sometimes confuse the various frameworks with different compliance requirements or regulations that they must adhere to based on their business. If you look at just the word framework, you will get a definition that uses words like support and structure. When it comes to Information Security Frameworks, the fundamental definition is the same. According to Joe Granneman from TechTarget, an IT Security Framework is:

“A series of documented processes that are used to define policies and procedures around the implementation and ongoing management of information security controls.”

What is PII? Important Distinctions in Information Security

PII is the acronym that keeps getting thrown around, but never defined. Knowing what the acronym stands for is just as important as knowing why it is so increasingly important. So, what is PII? The acronym stands for "Personally Identifiable Information." But what does this really mean?

WanaCry Ransomware: A Survival Guide

What is WannaCry Ransomware?

WanaCrypt0r, WanaDecryt0r, and WannaCry are different names for essentially the same thing. Technically WanaCrypt0r is name of the executable, WanaDecrypt0r is the name of the decrypting utility, and WannaCry is what it makes people want to do. But, for most people they are the same.

By now, most know that it is ransomware. A particularly nasty brand of malware that holds your files ransom by encrypting (locking) them up and making you pay for the key. 

PCI Compliance Levels: How To Determine What Level You Are

Are you considering taking credit cards as a form of payment? Are you already taking credit cards and have experienced substantial growth in your annual volume?  What are your responsibilities as a Merchant or Service Provider? Hold on to your seat as it’s a fun process that needs to be completed annually!

Subscribe to Email Updates