In today’s ever-evolving digital landscape, our central concern revolves around safeguarding data security and privacy. As businesses increasingly depend on cloud services and third-party vendors to manage their data, it becomes crucial to ensure these service providers adhere to stringent security standards. 

A prominent standard in this domain is the Service Organization Control 2, or SOC 2, a framework developed by the American Institute of Certified Public Accountants (AICPA). SOC 2 evaluates and reports on the controls at service organizations that directly impact customer data.

In this discussion, we delve into SOC 2 assessors and the essential factors to consider when selecting one.

Read More

Beginning in 2019, the Cybersecurity and Infrastructure Security Agency (CISA) began releasing their Risk and Vulnerability Assessment report. This report compiled several months of testing, audits and remediation efforts carried out on behalf of federal entities. Their assessments of these stakeholders helped them identify common attack vectors, the effectiveness of these attack vectors and how IT systems were responding to these attacks. 

Recently, CISA released their report for FY 2020. While some of the information in the report is insightful and informative, much of it is also becoming unfortunate common knowledge.  

Read More