Insider threats pose a significant risk to organizations, involving individuals with access to critical systems and data. These threats can come from malicious insiders intent on causing harm, careless employees who unknowingly compromise security, or those whose credentials have been stolen by external attackers. Unlike external threats, insider attacks can...
Multi-Factor Authentication (MFA) is a comprehensive approach to authenticating users, relying on two or more credentials to verify an individual’s identity. Typically, these credentials are chosen to be: something you know (i.e., a memorized password); something you have (i.e., a physical access badge or smartphone); something you are (i.e., a...
Fraud risk mitigation is crucial in business operations to safeguard assets, maintain financial integrity, and uphold the trust of stakeholders. The impact of fraud can be devastating, leading to significant financial losses, reputational damage, and legal consequences. Implementing robust fraud risk mitigation strategies helps to prevent and detect fraudulent...
Since 2004, October has been marked as National Cybersecurity Awareness Month. This month raises awareness about the importance of cybersecurity and how to protect yourself from cybercrime. Perform third-party due diligence on all critical vendors. Ensure that they have either a SOC2 report or a similar certification that covers the...
A SOC 3 report, also known as the Statement on Standards for Attestation Engagements (SSAE) 21, focuses on a service organization’s controls that are likely relevant to examining a user entity’s (customer’s) service commitments and system requirements. SOC 3 reports cover a service organization’s security, availability, processing integrity, confidentiality, and...
Based on Verizon’s 2024 Data Breach Investigations Report, the public administration, finance, professional, manufacturing, and education industries are the most popular targets for cyber criminals. The most common attacks occur through ransomware, phishing emails, desktop sharing, virtual private networks, and web applications, all of which have led to an increased...
Maintaining compliance with the Health Insurance Portability and Accountability Act (HIPAA) Security and Breach rules is not a one-time effort. It’s an ongoing project that spans the entire life of your organization. With the rise of new and emerging changes in work environments, evolving technologies, and increasingly sophisticated criminal methods,...
A SOC 1 report, also known as the Statement on Standards for Attestation Engagements (SSAE) 21, focuses on a service organization’s controls that are likely to be relevant to an examination of a user entity’s (customer’s) financial statements. SOC 1 reports cover a service organization’s business process control objectives and...
In today’s business world, companies depend on third-party vendors for everything from IT support to supply chain logistics. While these partnerships offer many benefits and efficiencies, they also come with added risks. Effective Vendor Risk Management helps businesses continually identify and manage risks, protecting them from potential security breaches and...
The European Union’s General Data Protection Regulation (GDPR) sets a high standard in the world of global data privacy and security. Known for its strict requirements and robust enforcement, the GDPR poses a considerable challenge for companies within its reach. However, for businesses planning to expand into the United States,...
Ensuring the security of data and computer systems is an ongoing battle for all businesses operating in the digital age. The stakes have always been high with a company’s reputation and financial stability on the line. Over the past few years, large data breaches have affected healthcare companies, financial institutions,...