CATEGORY:
security & business
Early Review of AICPA’s SOC for Supply Chain Criteria Part 1
Recently, the AICPA has released its exposure draft for the SOC for Supply Chain Description Criteria for public comment. In a follow-up to my recent blog summarizing the Description Criteria, this blog will be part of a 2-part series exploring the details. In the...
Early Review of AICPA’s SOC for Supply Chain Criteria
Recently, the AICPA has released its exposure draft for the SOC for Supply Chain Description Criteria for public comment. I reviewed the draft and summarized the overview and main points below. This is an introductory post. Stay tuned for a 2-part deep dive into the...
SOC 2 Criteria and Positive Cybersecurity Impacts
In January 2018, the AICPA released detailed guidance on its newest SOC 2 Common Criteria (based on COSO 2013 Framework for an entity-wide reporting level). The new framework officially went into effect on December 15, 2018. Many organizations, including some of my...
Cybersecurity Lessons from WWII
In honor of National Cybersecurity Awareness Month, let’s look at how principles from World War II propaganda can teach us valuable lessons today.
NIST Upcoming Mobile Security Recomendations
Turning Attention to Mobile Applications NIST 800-163, Vetting the Security of Mobile Applications, was recently revised from its 2015 version to address the evolving landscape of mobile application security. NIST provides details and clarity on how exactly...
The Drive to Number One
Domino’s is the number one pizza company in the world. Truly, their drive seems unstoppable, which makes us ask: how do we drive to number one?
NIST for Cybersecurity: Understanding the Framework
The NIST Cybersecurity Framework is a risk management program with a focus on crossing every industry. Let’s dive into how your company can implement it.
Leave It Better Than You Found It
As often as we can, my wife and I like to steal away to the great outdoors for some camping and hiking. The fresh air, beautiful creation, and peace and quiet are a welcome change from what can sometimes be a very busy pace. a simple phrase We’ve been to a lot...
Under The Surface: Cybersecurity Risks
I help companies think through their cybersecurity threats. Like most threats, however, they lie under the surface and remain unseen until it’s too late.
Your Role Is Not Your Title
When someone asks you what you do for a living, how do you lead? Most of us just give our job titles. I suggest a new approach: let’s talk about roles.