GDPR: Simplifying the General Data Protection Regulation (Whitepaper)

Approved by the European Union on April 14, 2017 and fully enforceable beginning May 25, 2018, the General Data Protection Regulation (GDPR) is arguably the most wide-reaching change to privacy requirements to date. How wide-reaching is GDPR? If you are located in the EU and control or process personal data, if you offer goods or[…]

New York Cybersecurity Regulations – Path to Compliance (Whitepaper)

Written March 1, 2017, the New York Financial Services Cybersecurity Regulations have been developed to address significant cybersecurity threats to the financial services industry. The regulations prescribe certain standards for a financial service company’s (“regulated entity” or “Covered Entity”) cybersecurity program for the purpose of promoting protection of customer information and protecting regulated information systems.[…]

What SOC 2 Updates to COSO 2013 Mean for You (Whitepaper)

Beginning December 15, 2018 (with optional adoption beginning April 2017), all SOC 2 reports will be required to use the updated Trust Services Criteria. The criteria were updated to align with the seventeen COSO 2013 framework principles. If you would like to download the complete whitepaper, please send us a note.[…]

IT Risk Assessment: Effective Identification and Selection of IT Audit Projects (Whitepaper)

Over the past few months I’ve had several leaders of Internal Audit departments ask: “How can we build cyber-security into our annual audit plan?” After a few conversations I decided to put together a whitepaper to help the less-than-technical Chief Audit Executive (CAE) put together a well thought out IT Risk Assessment that helps[…]

How to Read a SOC Report (with Presentation)

Virtually all businesses rely on third party service providers. These third parties may range from common offerings like payroll and payment processing providers to specialized SaaS applications and solutions, or may even be leveraged to replace entire divisions of a business (e.g. technical support or IT security). To gain confidence in, and an understanding of[…]

Personal Cybersecurity Safeguard Checklist (Whitepaper)

In a world where society increasingly relies on information technology and the internet to pay our bills, secure credit, and pursue our education and careers, it has become more important than ever to educate ourselves on the risks associated with using information technology and take proactive measures in protecting our identity, personal information, electronic[…]

WordPress Website Security Hardening Checklist (Whitepaper)

WordPress websites make up over 20% of all the websites on the internet. If you have a WordPress website, that’s both a blessing and a curse. WordPress’s popularity means that there is a whole community dedicated to making enhancements and ensuring it is secure. It also means that there are plenty of people willing and[…]