.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Your SOC 2 Remediation Roadmap: Turning Exceptions into Progress
by Rachel Hughes on January 30, 2026 at 11:52 AM
Your SOC 2 audit report just landed on your desk, and you've spotted exceptions. Before the panic sets in, take a breath. Finding exceptions in your SOC 2 audit doesn't signal impending disaster or business failure. In fact, exceptions happen even to well-managed, security-conscious o …
CTEM Reporting Cadence: Aligning Intelligence with Stakeholders
by CJ Hurd on January 27, 2026 at 3:54 PM
In the evolution from periodic vulnerability assessments to continuous risk management, one of the most challenging questions organizations face is: what information matters, and when? The shift to Continuous Threat Exposure Management (CTEM) doesn't mean overwhelming security teams a …
Cybersecurity Due Diligence for Mergers & Acquisitions (M&A)
by Nicholas Foisy on January 23, 2026 at 2:25 PM
.jpg)
Mergers and acquisitions represent pivotal moments for any organization. Whether you're expanding your market share, acquiring valuable intellectual property, or absorbing a competitor's customer base, the financial and strategic considerations typically dominate boardroom discussions …
New Year, New AI Rules: What Healthcare Organizations Need to Do Now
by Bryan Chnowski on January 16, 2026 at 3:08 PM
Several new state laws took effect on January 1, 2026, that directly govern how artificial intelligence is used and disclosed in healthcare settings. States are moving faster than federal lawmakers, and they are placing practical requirements on organizations that develop, deploy, or …
How Much Does a Virtual CISO (vCISO) Cost in 2026?
by Jeffrey Torrance on January 13, 2026 at 4:06 PM
If you’re considering a virtual CISO (vCISO) this year, you’re likely asking two practical questions: “How much does it cost?” and “What actually drives the price up or down?” The short answer is that vCISO services are flexible by design, and good programs are intentionally scalable. …
New AI Executive Order: Why Your Business Can't Wait for Clarity
by Jerry Hughes on December 17, 2025 at 11:05 AM
The landscape of artificial intelligence governance in the United States just shifted dramatically. President Trump's recent executive order attempting to establish federal primacy over AI regulation has ignited a national debate about who should be setting the rules for this transfor …