InfoSec Strategies: 4 Reasons to Establish and Exercise Your Right to Audit Vendors
July 23, 2019, by Richard Barrus
How do you really know your highest-risk vendors are doing what they say they’re doing, security-wise—especially if it involves meeting...

ISMS Consulting: An Auditor’s View of ISO 27001 Internal Audits: Thrills, Chills and Hopefully Some Value-Add
October 3, 2017, by Richard Barrus
When most people think of audits in general, they’re imagining mundane, cookie-cutter affairs that are about as interesting as watching...

Penetration Testing: Patch Verification: The Missing Link in Too Many Patch Management Programs
September 29, 2015, by Terry Crowley
With so much malware out there targeting known vulnerabilities on unpatched systems, patch management is universally recognized as fund...

ISO 27001 Certification: What is a Reasonable Cost/Scope for an ISO 27001 Internal Audit?
June 23, 2015, by John Verry
We recently bid on an ISMS Internal Audit (ISMS IA) for an existing client at around $8,000, and were very surprised when the client le...

ISO 27001 Certification: A Key “Hidden” Lesson from the Sony Breach: You’re Only as Strong as Your Soft Controls
April 16, 2015, by John Verry
Throughout 2014 and into 2015 with the recent Anthem Blue Cross breach, every few weeks with distressing regularity there has been a ne...