.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Why Is Social Engineering a Threat to Businesses?
by Peter Fellini on August 7, 2025 at 11:00 AM
When most people think of cybersecurity threats, they picture viruses, ransomware, or brute-force attacks hammering away at firewalls. But some of the most effective attacks don’t need advanced code or malware. They just need a willing person to pick up the phone, click a link, or tru …
Cybersecurity Matters: How Small Mistakes Create Big Problems
by Joseph Boisvert on August 1, 2025 at 2:36 PM
Every once in a while, a story hits the headlines that makes cybersecurity professionals shake their heads—not because it's complex or sophisticated, but because it's simple and entirely preventable. One of those stories surfaced recently, involving a breach at McDonald’s that was rep …
Understanding AI: What It Is, How It Works, & Why It Needs Oversight
by Kelly O’Brien on July 31, 2025 at 12:41 PM
Artificial Intelligence (AI) is no longer a futuristic concept; it is a reality. It’s already reshaping how we live, work, and interact with technology. From voice assistants and personalized ads to self-driving cars and automated customer support, AI is quietly becoming a core part o …
Higher Education’s Push Toward a Virtual CISO Approach
by Alexander Magid on July 25, 2025 at 10:16 AM
In recent years, higher education institutions have faced an increasingly complex cybersecurity landscape. From ransomware attacks that disrupt learning environments to rising compliance obligations under federal mandates, colleges and universities—especially small and mid-sized ones— …
CIS or NIST CSF? Choosing the Right Cybersecurity Framework (Or Both)
by Kelly O’Brien on July 24, 2025 at 1:00 PM
The Center for Internet Security (CIS) Critical Security Controls are a prioritized set of best practices designed to help organizations defend against common cyber threats. Version 8.0, released in 2021, introduced major changes to better reflect modern IT environments, including sup …
Rethinking SOC 2 Audits with Purpose-Built Platforms
by Rachel Hughes on July 21, 2025 at 2:38 PM
SOC 2 audits are a crucial part of demonstrating an organization’s commitment to data security and trust. They provide assurance to customers, partners, and regulators that your systems are appropriately controlled and monitored. But despite their value, SOC 2 audits are often viewed …