.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Top Ways to Improve IT Security for Small Businesses
by William DePalma on September 12, 2025 at 12:19 PM
Cybersecurity is no longer just a concern for big corporations. Today’s cybercriminals know that small businesses often have fewer defenses, making them prime targets. In fact, reports continue to show that a significant percentage of cyberattacks target small and medium-sized busines …
Red Team Testing: When Your Organization Is Ready (& Why It Matters)
by Patrick Laverty on September 8, 2025 at 2:15 PM
Cybersecurity testing isn’t a one-size-fits-all process. Different organizations are at different maturity levels, and the type of testing you should be investing in depends on how far along you are in building your defenses. One of the most common questions security leaders face is: …
Security Questionnaires: How to Streamline Responses & Save Time
by Alexander Magid on September 2, 2025 at 1:46 PM
As vCISOs serving organizations across the country, we spend a significant amount of time on both sides of the security questionnaire process. We respond to them on behalf of our clients, and we also issue them as part of vendor risk management programs. The reality is the same in eit …
What Is the Best Approach for Incident Response Planning?
by Adam Lyford on August 8, 2025 at 1:24 PM
Security incidents are no longer a matter of "if" but "when." Organizations must be prepared to respond to cybersecurity events with speed, clarity, and coordination. An effective Incident Response Plan (IRP) provides the structure and processes needed to handle incidents in a way tha …
Cybersecurity Matters: How Small Mistakes Create Big Problems
by Joseph Boisvert on August 1, 2025 at 2:36 PM
Every once in a while, a story hits the headlines that makes cybersecurity professionals shake their heads—not because it's complex or sophisticated, but because it's simple and entirely preventable. One of those stories surfaced recently, involving a breach at McDonald’s that was rep …
Why the ‘CISO’ in Virtual CISO Services Shouldn’t Scare You
by CJ Hurd on July 8, 2025 at 1:00 PM
For many small and midsize businesses, the term Virtual CISO (or vCISO) can be a little off-putting. It sounds big, corporate, and expensive—like something built for Fortune 500 companies, not organizations with lean teams, tight budgets, and practical day-to-day needs. After all, the …