Compliance and Risk Management in the Spotlight: Lessons Learned from the SolarWinds Hack

Solarwinds security breach

We recently wrote an article discussing, briefly, a data breach for the security firm FireEye. At the time, FireEye claimed that the breach was the result of a foreign attack, a state-sponsored cyberattack, an event that has unfortunately become the norm in 2020. As we, along with the rest of the country, have learned the FireEye breach was connected to the massive SolarWinds hack, one that many are calling one of the largest security breaches in U.S. history. 

Here, we’ll talk about some of the basics of the attack, including how it happened and its impact. The lessons we can learn from the SolarWinds hack can emphasize just how important risk management is for companies large and small across the U.S.

Read More

What Managed Service Providers Should Know About SOC Compliance

managed security providers security compliance

Some security regulations and recommendations, like FedRAMP, FIPS, or HIPAA, are required of any managed service providers working in specific industries like government or healthcare. Others, like Service Organization Control (SOC) compliance, are not always necessary but help demonstrate that security controls are in place to protect client data. Because of this fact, they are an essential part of an MSPs auditing structure.

Learn more about why your MSP should be using SOC auditing and compliance as part of its business model.

Read More

Security Compliance in the Age of State-Sponsored Cyber Attacks

The recent news of FireEye’s security breach has sent shockwaves through the cybersecurity community. What’s more worrisome is the fact that CEO Kevin Mandia has gone on record stating that the attack is the result of state-sponsored cyber attacks.

As modern technology and cybersecurity threats evolve, their use as tools of war and espionage have been increasing. The normal rules of warfare don’t readily apply in this theater of conflict, however, which means that private businesses and even individuals can get caught up in state-sponsored attacks. Here, we’ll break down the who, what, and how of state-sponsored cyber attacks and how they impact businesses in the United States. 

Read More