Ease the Squeeze – Cyber Security with Small Teams

The competition is fierce; each team looking to find the best talent and get the most from every member. Sometimes, to fill a position you have to go to your bench, but this is a battle, and you are in it to win it. No, it isn’t the national team ...

How to Receive a Clean SOC 2 Report

Controls—SOC 2 is all about controls. It’s right there in the name: Service Organization Controls, S-O-C. A SOC 2 report is a de facto requirement for any organization that wants to store any customer data in the cloud, which means most SaaS or cloud service providers. Unlike PCI DSS, which ...

SOX – Not Just for Foxes and Baseball; A Sarbanes-Oxley IT Compliance Primer

There are Red Sox and White Sox and, of course, Fox in Socks, but in 2002, a new SOX entered our lexicon: The Sarbanes-Oxley Act of 2002. This financial regulation was a response to large corporate misdeeds at the time, most notably Enron misleading its board through poor accounting practices ...

Are You PCI Curious? A Short History and Beginner’s Guide

When I was a kid and we would go out to dinner, my dad would often pay using a credit card. The server would come over with an awkward, clunky device, put the credit card in it, and scan the card. By scan, I mean make an impression of the ...

Security Is a Team Sport

If you’ve read a security blog anytime in the last year, you haven’t escaped mention of the dreaded skills gap for cybersecurity professionals. There seems to be consensus that it’s getting harder to hire skilled security staff, though the reason for that is up for debate – some say we’re ...
The State of Security