Receive articles and resources from the information risk management experts at FoxPointe.
By Jessica Ramirez Artificial intelligence (AI) has been a trending topic that we have been exploring and discussing as it continues to rapidly advance technologically. One thing to keep in mind as AI advances, is how this impacts professional settings. An organization must understand the advantages and disadvantages that AI...
Outsourcing Cybersecurity Functions This article was written by Emily Mosack In today’s digital landscape, where cybersecurity threats are constantly evolving, organizations face the challenge of staying ahead of malicious actors while managing limited resources and expertise. One solution gaining momentum is outsourcing cybersecurity functions to specialized external providers. What is...
In today’s rapidly evolving digital landscape, the protection of sensitive information and the preservation of digital assets have become paramount, as has a full and accurate understanding of the controls in place. As organizations navigate the intricate realm of cybersecurity, the role of a Chief Information Security Officer (CISO) has...
Today’s organizations face numerous cybersecurity challenges, and one of the most insidious threats is social engineering. Cybersecurity is often associated with technical vulnerabilities and sophisticated defenses; however, social engineering leverages human reactions and psychology to gather information and perform attacks. This article aims to shed light on the key principles...
This article was written by Brandon Agostinelli. The Cybersecurity and Infrastructure Security Agency (CISA) defines Multi-factor authentication (MFA) as: “a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login. MFA...
Cyberattacks February 24, 2022, Russia began its large-scale military invasion of Ukraine, one of its neighboring countries. Many international organizations, like Apple and Volkswagen, have taken a stance by applying sanctions against Russia in hopes of encouraging Russia’s President, Vladimir Putin, to stop its invasion without starting a world war....
By: Christopher Salone, CISA CCSFP, MBA This past year proved to be a year of rapid development for the cybersecurity and IT landscape. As new threats emerged, others continued to develop and evolve. Throughout the year, the FFIEC, in an effort to help its institutions combat these threats, issued new...
Payment Card Industry (PCI) governance program Typically, the two primary goals of a company’s Payment Card Industry (PCI) governance program are to meet the intent of applicable controls and reduce the scope of PCI Data Security Standards (DSS) requirements enforced on the company’s environment. However, many companies do not meet...
Data Security Our workplaces have become more mobile than ever before, largely due to advancements in technology being used by businesses for communication and collaboration. The circumstances related to the COVID-19 pandemic have expedited this movement by forcing most businesses and organizations out of their offices and into remote work...
What is a SOC 1 Report A SOC 1 report, also known as the Statement on Standards for Attestation Engagements (SSAE) 18, focuses on a service organization’s controls that are likely to be relevant to an audit of a user entity’s (customer’s) financial statements. SOC 1 reports cover a service...