Compass IT Compliance Blog
Enhancing Cloud Security Posture Management (CSPM)
April 19, 2024 at 12:23 PM
Guarding the Gates of Digital Identity with Image Analysis
April 18, 2024 at 11:58 AM
Cyber Safe Scholars: Developing IT Security Awareness Among Students
April 17, 2024 at 10:15 AM
CCPA vs. GDPR: A Comprehensive Comparison
April 11, 2024 at 2:15 PM
Dictionary Attacks: What They Are and How to Avoid Them
April 10, 2024 at 4:51 PM
5 Signs Your Phone Has a Virus
April 4, 2024 at 1:48 PM
Is BetterHelp a Scam? Unpacking The Truth
April 3, 2024 at 3:55 PM
What Is Ethical Hacking? A Comprehensive Guide
April 2, 2024 at 1:45 PM
What Is a SOC 2 Report and Who Needs One?
March 29, 2024 at 11:43 AM
Is the Fetch Rewards App Safe? Exploring Data Privacy Concerns
March 26, 2024 at 1:53 PM
What Is DNSSEC, and How Does It Secure Your DNS?
March 22, 2024 at 1:30 PM
New CJIS Requirements: What You Need to Know
March 20, 2024 at 2:45 PM
Staying HIPAA Compliant While Leveraging Telehealth
March 13, 2024 at 3:00 PM
NIST Cybersecurity Framework 2.0 – Key Takeaways
March 7, 2024 at 1:30 PM
Multi-Factor Authorization (MFA) During Cellular Network Outage
February 28, 2024 at 4:15 PM
How to Identify Phishing & Online Security Breach Attempts
February 26, 2024 at 2:00 PM
2FA vs. MFA: What's the Difference?
February 16, 2024 at 11:30 AM
Understanding AI-Powered Social Engineering Attacks
February 13, 2024 at 4:45 PM
Can Neuralink Be Hacked? Cybersecurity Experts Weigh-In
February 7, 2024 at 4:30 PM
Understanding the Key Differences Between IT Governance & Compliance
February 2, 2024 at 3:00 PM
Super Bowl Ticket Scams to Look Out For
January 26, 2024 at 2:04 PM
The SEC Cybersecurity Rules Are Now Effective – What You Need to Know
January 24, 2024 at 1:00 PM
vCISO vs. CISO: What's the Difference?
January 11, 2024 at 11:19 AM
What is Protected Health Information (PHI)?
January 3, 2024 at 4:30 PM
The Crucial Role of SSL Certificates in Cybersecurity
December 22, 2023 at 3:38 PM
Securing Your eCommerce Website From Hackers
December 20, 2023 at 2:15 PM
Leave the World Behind – Could the Cyberattack Blackout Really Happen?
December 13, 2023 at 4:31 PM
Distributed Denial of Service (DDoS) Attacks Defined
December 5, 2023 at 1:00 PM
Cell Phone Usage at Work & HIPAA Compliance: Uncovering the Risks
November 20, 2023 at 1:00 PM
TISAX Compliance: A Comprehensive Guide to Certification
November 9, 2023 at 3:42 PM
Cybersecurity for Law Firms: Knowing Where Your Firm Is at Risk
November 2, 2023 at 3:30 PM
How Secure Is MFA Based on SMS?
October 27, 2023 at 1:15 PM
10 Tips for Choosing a Managed Service Provider (MSP)
October 18, 2023 at 1:00 PM
How to Avoid Concert and Event Ticket Scams
October 13, 2023 at 2:21 PM
The Future of Cloud Archiving: Transforming Cybersecurity & Compliance
September 27, 2023 at 1:00 PM
Man in the Middle (MITM) Attacks: What Are They & How to Prevent Them
September 7, 2023 at 1:00 PM
SOC 1 vs SOC 2 Reports - What's the Difference?
September 1, 2023 at 3:00 PM
What is Flipper Zero? Portable Hacking “Multi-Tool” Explained
August 24, 2023 at 1:00 PM
Understanding USB Flash Drive Security Risks and Forensics
August 15, 2023 at 1:00 PM
Your Guide to Drafting a Data Retention Policy
August 9, 2023 at 1:00 PM
Cl0p’s MOVEit Attack Victim Count Continues to Climb
August 2, 2023 at 2:00 PM
A Comprehensive Guide to Data Center Outsourcing (DCO)
July 27, 2023 at 1:00 PM
What to Look for When Hiring a Virtual CISO (vCISO)
July 19, 2023 at 2:30 PM
Meta's Threads Collects More Data Than You May Know
July 10, 2023 at 1:00 PM
How Secure Is Your Crypto Wallet?
July 7, 2023 at 12:00 PM
Temu App Poses Potential Data Risk for Consumers
June 30, 2023 at 11:00 AM
Safeguard Your Website From SEO Poisoning
June 27, 2023 at 2:15 PM
Cybersecurity Controls – Good, Cheap, Fast: Pick Two
June 22, 2023 at 3:15 PM
Insider Threats – Your Employee May Be Your Greatest Risk
June 12, 2023 at 10:30 AM
Vishing: Over-the-Phone Scamming
June 8, 2023 at 5:00 PM
Different Types of Social Engineering Attacks & How to Protect Yourself
June 2, 2023 at 9:30 AM
Tug-of-War: Balancing Security and Efficiency
May 26, 2023 at 11:00 AM
Smishing: Text Messages from Scammers
May 18, 2023 at 1:00 PM
MIME Sniffing: What Is It? What Are the Security Implications?
May 9, 2023 at 2:45 PM
Addressing the Risks of Artificial Intelligence (AI)
May 4, 2023 at 1:00 PM
Here's Why You Need A Password Manager
April 28, 2023 at 10:45 AM
ChatGPT Writing Code, Replacing Developers? Not So Fast
April 18, 2023 at 2:45 PM
Businesses Can Learn From the Classified Pentagon Leak
April 14, 2023 at 4:30 PM
Penetration Testing: Understanding Red, Blue, & Purple Teams
April 11, 2023 at 1:00 PM
Self-Assessment Questionnaire (SAQ) P2PE Changes in PCI DSS v4.0
April 3, 2023 at 1:45 PM
The Healthcare Industry Remains a Favorite for Cyber Criminals
March 27, 2023 at 9:30 AM
ProxyNotShell – Microsoft Exchange Exploit Explained
March 23, 2023 at 1:15 PM
What Is Password Spraying? How Can It Affect Customers?
March 15, 2023 at 2:00 PM
HIPAA Compliance – Understanding Basic Best Practices
March 7, 2023 at 2:30 PM
Not Using Multifactor Authentication? Your Days Are Limited!
February 22, 2023 at 2:30 PM
Preparing for a BIA – Understanding RTO and RPO
February 16, 2023 at 1:00 PM
Making Sense of Data Management
February 9, 2023 at 2:45 PM
February 3, 2023 at 2:15 PM
Building a Privacy Culture This Data Privacy Week
January 26, 2023 at 1:00 PM
Flight Troubles & Business Continuity Planning
January 11, 2023 at 4:15 PM
What Does It Mean to Be CJIS Compliant?
December 1, 2022 at 3:00 PM
OWASP Top 10: Why Compliance to OWASP Matters
November 10, 2022 at 1:00 PM
A Closer Look at PCI DSS v4.0 Vulnerability Scanning Requirements
November 4, 2022 at 11:00 AM
Only YOU Can Prevent Cyberattacks This October (And Beyond)
October 13, 2022 at 4:30 PM
Self-Assessment Questionnaire (SAQ) A Changes in PCI DSS v4.0
September 16, 2022 at 2:45 PM
Using the HECVAT to Measure Vendor Risk
September 8, 2022 at 1:00 PM
Your Guide To Cyber Liability Insurance
August 31, 2022 at 1:00 PM
Are You Protecting Your Attack Surface?
August 25, 2022 at 1:00 PM
PCI DSS v4.0 ROC Changes – Coming Now to an Organization Near You!
August 17, 2022 at 3:30 PM
MSP Breaches Opening the Door to Further Attacks on Clients
August 10, 2022 at 1:00 PM
Access Control to Combat Domestic and Global Threats
August 4, 2022 at 1:00 PM
What Does a Passwordless Future Look Like?
July 28, 2022 at 1:00 PM
Cybersecurity Controls & Configurations – Are You Locking Your Doors?
July 20, 2022 at 3:15 PM
Karakurt Data Extortion Group – A New Approach to Ransomware
July 7, 2022 at 2:45 PM
Ignorance Is Not Bliss When It Comes to Security Assessments
May 6, 2022 at 4:00 PM
Bypassing Multi-Factor Authentication via Prompt Bombing
April 27, 2022 at 1:00 PM
A True Story and Yet Another Cyberattack Victim
April 22, 2022 at 1:45 PM
Weighing Your Multi-Factor Authentication Options
April 14, 2022 at 2:30 AM
PCI DSS v4.0 Released – What Changes Were Made?
April 4, 2022 at 2:15 PM
Receiving a Scam Text… From My Own Phone Number
March 30, 2022 at 5:00 PM
It (Should) Be an MFA World, We Are Just Living in It
March 24, 2022 at 3:15 PM
Risk Management – Everyone Needs a Seat at the Table
March 17, 2022 at 1:00 PM
Recommendations from CISA's Recent “Shields Up” Warning
March 10, 2022 at 2:00 PM
Revisiting the Apache Log4j Vulnerability
March 3, 2022 at 1:00 PM
Password Complexity – Going Beyond the Minimum Requirements
February 23, 2022 at 1:00 PM
Zero Trust as Learned from My Grandmother
February 2, 2022 at 3:00 PM
Cyber & Physical Security: Why You Need Both
January 27, 2022 at 2:30 PM
Is Your Head in the Cloud? Traditional Security vs. Cloud Security
December 31, 2021 at 3:30 PM
The Greatest Vulnerability Still Remains – End Users
December 15, 2021 at 1:00 PM
Reflecting on the AWS Outage and Cloud Disruption Risks
December 9, 2021 at 4:38 PM
‘Tis the Season – Don’t Fa La La to Holiday Scams
December 1, 2021 at 2:30 PM
QRishing – A New Version of an Old Scam
November 17, 2021 at 3:00 PM
Transitioning to CMMC 2.0 – The Five Stages of Grief
November 10, 2021 at 2:46 PM
An Introduction to CMMC Compliance
September 30, 2021 at 1:00 PM
September 1, 2021 at 3:30 PM
PCI, Service Providers, and You
August 19, 2021 at 3:30 PM
Center for Internet Security (CIS) Controls V8 – What's New?
August 5, 2021 at 4:00 PM
Latest Update in Vulnerabilities (SeriousSAM, PrintNightmare)
July 29, 2021 at 3:30 PM
Ransomware Disrupting Your Beer Supply
July 16, 2021 at 1:00 PM
The Difference Between IT Risk Assessments and IT Audits
July 7, 2021 at 1:00 PM
Protecting SCADA Systems from Cyber-Attacks
June 24, 2021 at 3:00 PM
Traditional Antivirus vs. Endpoint Detection Response (EDR)
May 12, 2021 at 1:00 PM
Combating Cognitive Bias to Mitigate Social Engineering Attacks
April 9, 2021 at 1:00 PM
March 31, 2021 at 1:00 PM
Mail Order DNA Testing – Protecting Your Genetic Data
February 24, 2021 at 1:00 PM
Hacker Tries to Poison Florida Water Supply – What Went Wrong?
February 18, 2021 at 1:00 PM
Succession Planning and Testing – Who Will Step Up to the Plate?
February 1, 2021 at 9:52 AM
Taking a Proactive Approach to Consumer Data Privacy
January 6, 2021 at 1:00 PM
SolarWinds SUNBURST Hack – And You Thought 2020 Couldn’t Get Any Worse
December 18, 2020 at 2:45 PM
The Online Shopping Scam That Almost Duped a Security Professional
December 10, 2020 at 3:15 PM
So You Started Trading Stocks – Is Your Account Secure?
December 3, 2020 at 1:00 PM
The Difficulties of Remaining Compliant in the New COVID Landscape
November 18, 2020 at 1:00 PM
California Privacy Rights Act of 2020 – CCPA 2.0?
November 13, 2020 at 3:45 PM
California’s Unruh Act: How To Mitigate Website Accessibility Risk
November 5, 2020 at 1:00 PM
Cyberattacks on the Rise – Everyone Pays the Price!
October 30, 2020 at 1:00 PM
IT Asset Management – Disposal of Assets
October 21, 2020 at 1:30 PM
Vendor Risk Management: Third-Party Risk Analysis / Annual Review
October 8, 2020 at 2:00 PM
VA Data Breach Exposes the Personal Info of 46,000 Veterans
September 24, 2020 at 1:00 PM
Situational Awareness – How Strong Are Your Spidey Senses?
September 17, 2020 at 3:15 PM
Elements of Quality Security and Privacy Awareness Training
September 3, 2020 at 3:00 PM
August 27, 2020 at 2:15 PM
New York Files First 23 NYCRR 500 Enforcement Action
August 20, 2020 at 1:00 PM
IT Asset Management – Monitoring and Maintaining Assets
August 6, 2020 at 3:45 PM
Blackbaud Breach – Time to Review Your Vendors
July 29, 2020 at 1:00 PM
Virtual Meeting Privacy & Consent
July 22, 2020 at 3:30 PM
Security Oversight with Managed Service Providers
July 9, 2020 at 1:00 PM
CMMC: Moving Away from Self-Assessments
July 2, 2020 at 1:00 PM
CMMC – What Is It, and Why Does It Matter?
June 24, 2020 at 1:00 PM
Virtual Healthcare and HIPAA Compliance
June 18, 2020 at 1:00 PM
What Are DKIM, SPF, & DMARC? Why Are They So Important?
June 5, 2020 at 3:30 PM
Security Culture Through the Eyes of a Young Marine
May 27, 2020 at 1:00 PM
Contact Tracing – Personal Information Privacy Concerns
May 18, 2020 at 2:00 PM
IT Asset Management – Acquisition of Assets
May 14, 2020 at 1:15 PM
Continuous Vulnerability Scanning Within Your Remote Network
May 7, 2020 at 1:45 PM
Security Concerns to Consider Amid Re-Opening
April 29, 2020 at 1:00 PM
COVID-19: Is Management Asking the Right Questions?
April 24, 2020 at 4:00 PM
9 Easy Steps to Create Strong Passwords
April 15, 2020 at 4:30 PM
Home Network Security for Remote Workers
April 8, 2020 at 1:00 PM
Lessons Learned from a Part-Time Teleworker in Quarantine
March 31, 2020 at 1:00 PM
Can Microsoft Protect Small Businesses from Cyber Attacks?
March 27, 2020 at 1:00 PM
Grocery Stores – A Hidden Gem for Cyber Criminals?
March 25, 2020 at 11:00 AM
How China's TikTok Spies On You & Your Kids
March 19, 2020 at 1:00 PM
Telecommuting (Securely) During a Pandemic Outbreak
March 16, 2020 at 1:30 PM
Microsoft Teams – The New Phishing Platform for Hackers?
March 13, 2020 at 1:00 PM
Pandemic Planning and Tabletop Testing
March 10, 2020 at 3:45 PM
Examples of Effective Vishing Attacks
March 4, 2020 at 2:00 PM
IT Asset Management – Governance Policies & Procedures
February 28, 2020 at 1:00 PM
Stop Running from Privacy! Use the NIST Privacy Framework
February 19, 2020 at 1:00 PM
The Coronavirus – Be Prepared!
February 13, 2020 at 1:30 PM
Microsoft Office Add-ins, Reason for Concern?
February 12, 2020 at 1:00 PM
Reduce Business Risk with Digital Forensic Preparedness
February 5, 2020 at 1:00 PM
Vendor Risk Management: Information Security Responsibilities
January 29, 2020 at 3:30 PM
“Fake It ‘Til You Make It” Doesn't Work in Cybersecurity
January 23, 2020 at 1:00 PM
Breweries – Can they be Hacked?
January 15, 2020 at 2:27 PM
January 8, 2020 at 1:00 PM
3 Keys to Getting Your Cybersecurity Program Back on Track
January 2, 2020 at 1:39 PM
Nest Cameras – Basic Defense In Depth
December 26, 2019 at 1:00 PM
The FFIEC Gives the BCP Booklet a Facelift
December 19, 2019 at 1:00 PM
Virtual CISO: What’s the Benefit?
December 13, 2019 at 3:30 PM
December 4, 2019 at 3:04 PM
What You Can Do to Better Prepare Yourself for Holiday Scams
November 27, 2019 at 1:29 PM
Improving Your Security Awareness Training and Testing Programs
November 20, 2019 at 1:00 PM
Vendor Risk Management: Importance of Service Level Agreements
November 13, 2019 at 1:00 PM
Deciphering the PCI Testing Requirements of PCI-DSS Requirement 11
November 6, 2019 at 1:00 PM
Controlling the Boot Process of a Suspect System
October 30, 2019 at 1:00 PM
Vendor Management Programs to Prevent Data Disasters
October 23, 2019 at 1:00 PM
Situational Awareness Starts with You!
October 16, 2019 at 1:00 PM
Network Defense - Look at Policies and Training First
October 9, 2019 at 1:00 PM
Complying with California’s Consumer Privacy Act (CCPA)
October 2, 2019 at 1:03 PM
Securing Your Cloud Environment – Who is Responsible?
September 18, 2019 at 1:00 PM
Colorado Protections for Consumer Data Privacy Act - What to Know
September 12, 2019 at 2:02 PM
PHI Data - A Hacker's Treasure Trove
September 4, 2019 at 1:03 PM
IT Security in the Professional Sports World
August 28, 2019 at 1:02 PM
August 21, 2019 at 2:15 PM
Ransomware - The Imminent Threat to Your Data
August 15, 2019 at 1:02 PM
Spear Phishing: Targeted Attacks with Higher Success Rates
August 8, 2019 at 1:48 PM
SSAE 18 SOC Reports: The 5 Trust Services Criteria
July 31, 2019 at 1:04 PM
The Cyber Rabbit Hole: Almost Always Maybe
July 24, 2019 at 1:00 PM
How Information Security Approach Affects Organizational Culture
July 17, 2019 at 1:00 PM
July 10, 2019 at 1:00 PM
The Importance of Testing Your Business Continuity Plan
July 3, 2019 at 1:00 PM
Vulnerability Scanning vs. Penetration Testing – How They Differ
June 19, 2019 at 1:02 PM
Cybersecurity - Back to Basics
June 14, 2019 at 1:00 PM
June 5, 2019 at 1:00 PM
CIS Critical Security Controls V7.1 - What's New?
May 29, 2019 at 1:25 PM
IT Governance - Aligning IT Policies With Business Goals
May 22, 2019 at 1:02 PM
Helping a Social Engineer Achieve Their Goal
May 15, 2019 at 1:00 PM
CCPA – Compliance Before Consequence
May 8, 2019 at 1:02 PM
Trends and Tactics in Phishing
May 1, 2019 at 1:00 PM
Government Cyber Weaknesses & the Need for White Hats
April 15, 2019 at 1:01 PM