Blog Posts
View Article
Internet of Things18 May 2017
It would not surprise me if you have never heard the term “the internet of things” (IoT), meant to encompass the plethora of devices that can communicate with the internet. The category of gadgets is growing, personally, I’ve added a third. My top choice is the cell phone, “mother of all internet of things,” and […]
Learn More
View Article
Phase 2 HIPAA Audits10 May 2017
Phase 2 Audits for the Health Insurance Portability and Accountability Act (HIPAA) are currently underway and medical practices should be aware that the Office of Civil Rights (OCR) is targeting an increasingly broad range of covered entities and business associates. This comprehensive approach is likely to continue when they begin Phase 3 Audits. HIPAA is […]
Learn More
View Article
Cyber Security Insights from the ATLIS 2017 Annual Meeting03 May 2017
Last week approximately 400 independent private school information technology (IT) professionals gathered in Los Angeles for the 2017 Association of Technology Leaders in Independent Schools (ATLIS) annual conference. I had the honor of presenting during the Sunday cyber security workshop and leading a cyber security risk management session on Monday. The goals of the sessions […]
Learn More
View Article
Business Email Compromise27 April 2017
According to the latest figures from the FBI, Business Email Compromise (BEC) schemes have resulted in at least $3.1 billion in losses to approximately 22,000 enterprises in 79 countries over the past two years. A BEC is generally a low cost, low risk scam carried out by hackers. This cyber-attack typically has a high rate […]
Learn More
View Article
Cyber Security in an Open Learning Environment20 April 2017
If you work for or have a family member who attends a K-12 school in the United States and think that your school is immune from hacking, then you couldn’t be more wrong. Between January 1, 2016 and April 19, 2017 there were 112 data security incidents in just K-12 schools! The actual number of […]
Learn More
View Article
Navigating the New York State Cyber Security Requirements for Financial Services Companies12 April 2017
In early 2017, The New York State Department of Financial Services (DFS) released the “Cybersecurity Requirements for Financial Services Companies” with an effective date of March 1, 2017. This is the first state level regulation that mandates financial service firms implement and maintain a robust and ongoing cybersecurity program. It is anticipated that other states […]
Learn More
View Article
Five Steps to Develop a Security Program29 March 2017
Developing a practical and effective cyber security plan is vital to incorporating security into your organization’s risk management strategy. A common misconception is that a cyber security plan is lengthy and difficult to follow. However, that does not have to be the case. Below are COMPASS’ recommended 5 steps for your cyber security plan. Threat […]
Learn More