.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Why the ‘CISO’ in Virtual CISO Services Shouldn’t Scare You
by CJ Hurd on July 8, 2025 at 1:00 PM
For many small and midsize businesses, the term Virtual CISO (or vCISO) can be a little off-putting. It sounds big, corporate, and expensive—like something built for Fortune 500 companies, not organizations with lean teams, tight budgets, and practical day-to-day needs. After all, the …
What Is a Managed Security Service Provider (MSSP)?
by Geoff Yeagley on July 1, 2025 at 4:53 PM
As cyber threats continue to evolve and become more sophisticated, organizations across every industry are realizing that protecting their digital assets isn’t just an IT concern—it’s a business imperative. Unfortunately, many companies lack the in-house expertise, tools, or bandwidth …
How Much Does Penetration Testing Cost In 2025? Full Transparency
by Jesse Roberts on June 3, 2025 at 11:30 AM
Penetration testing is no longer a “nice-to-have” service. For many organizations in 2025, it’s a vital part of maintaining security, meeting compliance requirements, and demonstrating due diligence to leadership, customers, and regulators. But despite its growing importance, many IT …
The Hidden Risks of User-Installed Apps in Microsoft 365
by Jesse Roberts on May 23, 2025 at 11:09 AM
The Microsoft 365 platform offers unparalleled flexibility, enabling users to collaborate, share, and automate workflows through an expansive catalog of third-party and custom-developed applications. But that convenience comes with a cost.
Misconfigured Microsoft 365: A Growing Threat Surface
by Jesse Roberts on May 15, 2025 at 1:49 PM
Microsoft 365 has become the backbone of modern business productivity. From Exchange Online and Teams to SharePoint, Power Apps, and Power Pages, its integrated services allow organizations to collaborate at scale. But with convenience comes complexity—and with complexity, misconfigur …
Is Your Internal Pen Test Just a Glorified Vulnerability Scan?
by Jesse Roberts on May 14, 2025 at 12:04 PM
Organizations today face an increasing number of internal threats—whether from malicious insiders, compromised credentials, or vulnerable systems exposed on the internal network. That’s why internal penetration testing has become a critical part of any mature cybersecurity program. Bu …