.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
CMMC & the Executive Order: A New Era for Shipbuilders
by William DePalma on May 2, 2025 at 2:23 PM
America’s shipbuilding renaissance is underway. On April 9, 2025, President Trump signed a sweeping executive order aimed at revitalizing the U.S. shipbuilding industrial base—an industry long seen as vital to both economic strength and national defense. At the same time, shipbuilders …
SOC 2 & Managed Security Services: A Perfect Partnership for SMBs
by Bernard Gallagher on April 25, 2025 at 10:30 AM
For small and medium-sized businesses (SMBs), navigating the complexities of cybersecurity and compliance can feel overwhelming. Limited resources, time constraints, and the ever-present threat of cyberattacks make it challenging to establish robust security measures while meeting ind …
Copyright Infringement Scams - All You Need to Know
by Nicholas Foisy on April 24, 2025 at 1:25 PM
In today’s digital-first world, content creators, website owners, and marketers are increasingly becoming targets of sophisticated scams. Among the most insidious are copyright infringement scams—fraudulent schemes designed to deceive recipients into handing over money, credentials, o …
Replacing the FFIEC CAT with NIST CSF 2.0
by Jerry Hughes on April 18, 2025 at 11:26 AM
After nearly a decade of use, the Federal Financial Institutions Examination Council (FFIEC) is officially retiring its Cybersecurity Assessment Tool (CAT) on August 31, 2025. Originally released in 2015, the CAT served as a foundational tool for financial institutions—especially bank …
Subcontractor Survival: Meeting Prime Contractor CMMC Requirements
by William DePalma on April 17, 2025 at 1:53 PM
The cybersecurity landscape for the defense industrial base (DIB) has shifted. With the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) 2.0 moving swiftly toward full enforcement, subcontractors are finding themselves under growing pressure — not only f …
Selecting Your SOC 2 Type 2 Observation Period
by Bernard Gallagher on April 11, 2025 at 10:30 AM
Preparing for your first SOC 2 Type 2 audit—or planning your next—requires careful selection of a critical component: the observation period. This timeframe, also known as the monitoring period, audit period, or review window, defines when your organization's controls will be evaluate …