Risk Management

Subscribe to the blog

Receive articles and resources from the information risk management experts at FoxPointe.

The Crucial Role of a CISO and the Power of GRC Tools in Organizational Compliance

August 24, 2023

In today's rapidly evolving digital landscape, the protection of sensitive information and the preservation of digital assets have become paramount, as has a full and accurate understanding of the controls in place. As organizations navigate the intricate realm of cybersecurity, the role of a…

Interagency Guidance on Risks Associated with Third-Party Relationships

Yesterday, the Board of Governors of the Federal Reserve System (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC, and together with the Federal Reserve and the FDIC, the Agencies), finalized previously proposed interagency…

Risks and Difficulties Associated with Multi-Factor Authentication

This article was written by Brandon Agostinelli. The Cybersecurity and Infrastructure Security Agency (CISA) defines Multi-factor authentication (MFA) as: “a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to…

Ransomware Concerns and Risk Mitigation

February 23, 2022

All organizations can face a disastrous outcome to a ransomware event, including the governmental entities. An outbreak is a painful event especially with the critical role these agencies have. The disruption of essential services to the public, health care, water & sewerage, education,…

Benefits of a SOC 2 + HITRUST CSF Report

This blog was written and produced by Courtney Nist, Senior Security Consultant CHQP, CCSFP, at FoxPointe Solutions. Looking to get in touch with Courtney? Reach out today: Courtney Nist cnist@foxpointesolutions.com. Based on the Verizon Data Breach Investigations Report of 2021, healthcare and…

Benefits of a SOC 1 Report

What is a SOC 1 Report A SOC 1 report, also known as the Statement on Standards for Attestation Engagements (SSAE) 18, focuses on a service organization’s controls that are likely to be relevant to an audit of a user entity’s (customer’s) financial statements. SOC 1 reports cover a…

Reducing Third-Party Risk: Ongoing Assessment and Monitoring

In this day and age, the risk of cybersecurity threats is becoming a concerning topic for organizations. Reducing the risk of data breach has become a top priority for many businesses. When it comes to minimizing risk, an often-overlooked area is third-party risk. Many organizations include an…

Measuring the Costs of Cyber Risk; Applying Lean Six Sigma Methodologies for a Customer's First Mindset

The year 2020 will be forever remembered for the impacts of how the global pandemic forced the adoption of innovative production, logistics, and workforce solutions. Many best practices emerged from the experiences of COVID-19, we continue to learn that these new methods can pay significant…

The SolarWinds Hack – It’s Time to Change the Way We Think About Cybersecurity

February 4, 2021

With many still reeling from the aftermath of the SolarWinds hack, enough dust has settled that we’ve started to ask the important questions: How did this happen? What can we do to prevent this in the future? And will it happen again? The good news is that this cyber attack is incredibly…

Municipalities: Create Measurable Value through Enterprise Risk Management (ERM) Controls

In the wake of the risks surrounding cybersecurity breaches, ever overarching regulatory scrutiny from the Office of the New York State Comptroller and the myriad other state and federal agencies, and the demands of key stakeholders, municipalities are faced with increasing audit and assurance…

We use cookies and other technologies to optimize site functionally, analyze website traffic, and share information with our service and analytics partners. To view our Privacy Policy, which discusses cookies, click here. By continuing to use & browse our services, you agree to our Privacy Policy, our use of cookies, and the Terms and Conditions.