Compass IT Compliance Blog

A Key To Your Risk Management Strategy: Cybersecurity Insurance

I went to a conference back in October and the keynote speaker was a former NSA Director. He made a brilliant point during his presentation that was as follows: There are two types of companies, one that has been breached and the other is the one that has been breached but doesn’t kno …

Security Awareness Training: The First Line of Defense

Compass IT security auditors are often asked if there is a single “most important” factor involved in safeguarding a business’s data assets.

Cybersecurity Insurance: Think You're Covered?

IT security breaches have become so commonplace in recent years that they barely seem to raise an eyebrow anymore: Target, Bank of America, I.R.S., the list goes on. With that rise, the claims on Cybersecurity Insurance have risen as well.

IT Auditing - Why It's a Smart Investment

We have all heard the term "Audit" and most of the time it makes us cringe. The first thing that we think of is someone in a suit coming into our organization and poking holes in our Technology, People and Processes that we have built based on the needs of our company and business. Ho …

Incident Response Management: What Is It and How to Implement It

An Incident Response Program is an aggregate of processes designed to minimize the impact of security incidents. The program is like a fire extinguisher case on the wall in a high school chemistry lab. It contains all of the components, including detailed instructions, for how to cont …

Your PCI Risk Assessment: Security vs. Compliance

Most people often think that security and compliance are the same thing, especially when looking at conducting a PCI Risk Assessment. Truth is, these are two very different topics yet are interchanged very frequently. A good place for us to start is to define these terms so that we kn …
