Kyle Daun

Kyle Daun is AVP of IT Audit with Compass IT Compliance. In this role, Kyle works with organizations across all vertical markets to help them assess their information security programs and cybersecurity initiatives, identify potential weaknesses, and build a plan to mitigate their risks. He currently holds the PCI Qualified Security Assessor (QSA), CMMC Registered Practitioner (RP), and CISA certifications, and is a graduate of the New England Institute of Technology with a Bachelor of Science degree in Cybersecurity. Additionally, he is a member of ISACA and InfraGard.

Posts by Kyle Daun

Why Most Cybersecurity Tabletop Exercises Fail (and How to Fix It)

There is a question that comes up in every security community eventually: has anyone actually been in a tabletop exercise that felt worthwhile? The frustration behind that question is completely valid. Too many organizations have sat through exercises that were clearly theater, where …

7 Proven Ways to Reduce Your PCI DSS Compliance Scope

For businesses handling payment card transactions, achieving and maintaining PCI DSS (Payment Card Industry Data Security Standard) compliance is essential. However, the journey to compliance can often be expensive and complex. One of the most effective ways to reduce both the financi …

New PCI Requirements Released for SAQ A Merchant Validation

The PCI Security Standards Council (PCI SSC) recently introduced significant updates for merchants validating their compliance using Self-Assessment Questionnaire A (SAQ A). These updates, part of PCI DSS v4.0.1, reflect industry feedback and evolving security concerns, particularly t …

What Is a C3PAO in CMMC?

In today’s cybersecurity landscape, organizations that work with the U.S. Department of Defense (DoD) must adhere to stringent security standards to protect sensitive information. A critical component of achieving compliance with the Cybersecurity Maturity Model Certification (CMMC) i …

What Are the 3 Important Rules for HIPAA Compliance?

HIPAA is designed to protect patient information and ensure its secure handling. As healthcare continues to digitize, compliance with HIPAA’s key regulations is critical for safeguarding sensitive data and maintaining patient trust. This blog post highlights the essential rules health …

What Are the 5 Trust Services Criteria (TSC) for SOC 2?

Adhering to industry standards is crucial for organizations that manage sensitive data and rely on robust information systems. The SOC 2 Trust Services Criteria (TSC) provides a comprehensive framework to ensure systems are secure, available, and reliable. This blog will explore the f …
