What is Ransomware and Why Is it a Major Cybersecurity Threat in 2021?

Major infrastructure in the United States is under attack. As more heavy industrial companies, defense contractors and government agencies increasingly rely on cloud platforms and IT solutions to serve their users and constituents, hackers are finding ways to leverage vulnerabilities and steal information.  The problem with these attacks is that they are taking advantage of… Read More

Why Should I Seek ISO 27001 Compliance?

ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

The Role of Compliance in Operational Resiliency

“Resiliency” is a word that gets thrown around a lot by professionals interested in the continuity of business in times of disruption. The fact is that depending on the industry and business model, resiliency is more akin to a science than anything else. Professionals measure things like logistics, statistics, risk and operational effectiveness to balance… Read More

How to Prepare for the Upcoming PCI DSS 4 Update

The Payment Card Industry Data Security Standard is a voluntary security framework to help protect customers and merchants against the theft of credit card data during POS transactions. Like many other compliance frameworks, PCI DSS has continually evolved over the years to match new technologies and new threats to the privacy of consumers shopping online… Read More

Is CMMC Compatible with FedRAMP Certification?

Any IT or cloud provider working with the government needs to show that they are secured against data breach or theft. As the SolarWinds hack has demonstrated, our interconnected technology systems are under attack from outside entities who want to gain access to critical civil, military, and industrial data and undermine our security. That’s why… Read More

How Does CMMC Compliance Impact Small and Mid-Sized Businesses?

The Department of Defense has made a significant push to improve the security of its cyberinfrastructure and supply chain (known as the Defense Industrial Base), and the result of this push is the Cybersecurity Maturity model Certification (CMMC) initiative. This framework uses existing security guidelines to provide an overview of necessary security requirements for federal… Read More

PCI DSS eCommerce: The Cybersecurity Landscape for Retailers in an Always-on Digital Market

While online retail isn’t a new phenomenon, many retailers are still behind when it comes to proper security measures for this form of business. With fraud claims and chargebacks rising exponentially in 2021 due to quarantine and increased online customers, these security measures related to PCI DSS eCommerce are only becoming more necessary, not less.… Read More

Security audit done the same old way?

Still doing security audit and compliance assessments the same old way? The definition of insanity is doing something over and over again and expecting a different result. Data breaches are occurring at an alarming and escalating rate despite the traditional assessment methodology and  tools. It’s time to shake up and wake up the cybersecurity industry… Read More

Why Excel is so Old-School and how to be Cool-School

We get it. We completely understand why you still use Excel as an assessment and audit tool. We suffered through it just the same but we believe that working smarter and not harder which is why we invented ITAM IT audit software. The IT Audit Machine (ITAM IT audit software) is the patent pending, industry… Read More