IT Risk Blog | The official blog of risk3sixty


Articles, Posts, and Insights into IT Audit, Cyber Risk, IT Compliance, and Information Security

ISO 27701 Privacy Framework Could be the GDPR Certification We’ve Been Waiting For

Faced with regulatory penalties, an avalanche of due diligence questionnaires, and stringent contractual clauses, companies of all sizes have been impacted by GDPR. To date, most companies have tackled GDPR with sheer effort, investing billions of dollars toward compliance with little or no assurance their efforts have paid off. As a result, business leaders are[…]

risk3sixty Successfully Completes Peer Review

At risk3sixty, we pride ourselves on craftsmanship. It is one of our core values. As a result, every engagement follows a rigorous quality standard and multiple levels of internal quality assurance review. It’s just one way we try to make sure everything we produce meets a set of minimum quality standards. In addition to our[…]

Business Continuity Planning: It Takes a Village

  Business Continuity Planning (BCP) and Disaster Recovery are essential tools for organizations of any size and maturity level; but what may not be apparent is the appropriate amount of resources required to ensure organizations are prepared with an effective BCP. All too often, the task of constructing and maintaining the organizations Business Continuity Plan[…]

Vulnerability Management Makes it Harder to for Hackers to Exploit Your Systems

From a penetration tester’s perspective, there are a few things that quickly indicate an organization’s maturity (and the likelihood our team will be able to exploit their environment). If any of these exist, the chance we will be able to successfully breach their environment increases: Indicators a Hacker Can Breach Your Systems Aging Infrastructure One[…]

Diversion Tactics: Using Vulnerable Windows Servers to Fool Hackers

Windows Servers are practically irresistible to hackers everywhere. This makes the lone Windows Server a perfect candidate for a honeypot. In this post we explore how to use a Windows Server to divert a hacker’s attention from what matters than by giving them what they think is an easy win!

Pacesetters Awards: risk3sixty named Top 100 Fastest Growing Companies in Atlanta

  On April 25, 2019, join risk3sixty and other great Atlanta companies where the Atlanta Business Chronicle will release its annual ranking of Atlanta’s Fastest-Growing Private Companies (Pacesetters). To qualify, a company must be privately held; based in metro Atlanta area and not a subsidiary of another company; established first quarter 2016 or earlier (to judge[…]