Our Blog

The New York State Cybersecurity Regulation

The New York State Cybersecurity Regulation

Some entities that operate in the State of New York must comply with NY’s latest cybersecurity regulation to ensure the safety of the entity and its customers.
Stop Phishing Attacks with ERMProtect's Security Awareness Training

SOC2 Plus + Additional Subject Matter (ASM)

The scope of a SOC 2 engagement can be modified to incorporate additional subject matter, criteria, or both (ASM).
SOC for Cybersecurity

SOC for Cybersecurity

A SOC for Cybersecurity examination is aligned with the AICPA's Cybersecurity risk Management reporting framework that was designed to address cybersecurity risks at the entity versus system level.
PCI DSS: What, why, and do I need to comply?

PCI DSS: What, why, and do I need to comply?

What is PCI DSS? PCI DSS stands for Payment Card Industry Data Security Standard. It is a set of requirements developed by major payment card industry brands.
Social Media Security

Social Media Security

The amount of personal information that we put on social media is a disaster waiting to happen; and in many cases – a disaster that has already happened.
The Blockchain – Hype or Reality

The Blockchain – Hype or Reality

What could be the single most transformative technology concept that could change everything we know about risk and internal controls.