.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Latest Update in Vulnerabilities (SeriousSAM, PrintNightmare)
by Danielle Corsa on July 29, 2021 at 3:30 PM
In this week's blog post, Compass IT Compliance Cybersecurity Professional Danielle Corsa analyzes several recent Microsoft vulnerabilities.
The Difficulties of Remaining Compliant in the New COVID Landscape
by Derek Boczenowski on November 18, 2020 at 1:00 PM
If there is one thing that everyone can agree on in these interesting times, it is that COVID-19 has upset the apple cart in lots of different ways. Everything from school to work to social gatherings has been disrupted and changed over the last eight months, and some of these changes …
Government Cyber Weaknesses & the Need for White Hats
by Todd Pritsky on April 15, 2019 at 1:01 PM
Have White Hat, Will Travel “A young boy, with greasy blonde hair, sitting in a dark room…[T]he weary system cracker telnets to the next faceless .mil site on his hit list.”
PCI Compliance - PCI DSS 3.2 By the Numbers
by Geoff Yeagley on April 26, 2016 at 10:00 AM
PCI DSS 3.2 is coming and that means some changes for Merchants and Service Providers and the steps that they take to mitigate their risk of a breach involving credit and debit cards. While change is inevitable, change can still be difficult,especially when you are talking about all o …
The SANS Top 20, A Vulnerability Assessment, and Penetration Testing
by Geoff Yeagley on February 11, 2016 at 10:00 AM
The SANS Top 20 Critical Security Controls outline the 20 most critical controls that an organization should implement to ultimately reduce their overall risk of suffering a data breach. These controls were originally developed in 2008 by the NSA at the request of the Office of the Se …
IT Risk Assessments and the SANS Top 20
by Geoff Yeagley on January 26, 2016 at 10:14 AM
No matter what industry you are in, conducting a thorough IT Risk Assessment is critical to your organization for a number of reasons. First, it gives you a point in time measurement of how your IT Security posture compares to either various regulations or IT Security Frameworks.