If this company had even the smallest cybersecurity presence on staff, they would have known that MOST industrial espionage is an inside job. In fact, there was more than a 50% chance that the source code was being stolen from within its own walls.
Is your company being asked for a SOC 2 attestation by your customers? SOC 2 stands for Service Organization Control 2, which reports on various organizational controls related to the five Trust Service Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. It is an audit conducted by an authorized CPA firm, adhering to rules and a framework provided by the AICPA (American Institute of Certified Public Accountants).
This is part of a series of blogs intended to both inform and provide potential solutions and resources to protect organizations of all sizes and industries from the perils of being a “connected” entity. In this follow-up, I explain the source and nature of the most recent and, potentially, most financially devastating of cyberattacks: Ransomware.
Most days, a Compliance Officer walks into their office and does one of many routine activities required by the Bank Secrecy Act or the PATRIOT Act. All of that changed on January 1, 2021, when the U.S. Senate voted to override former President Trump’s veto of the National Defense Authorization Act; legislators passed it into law and it includes the Anti-Money Laundering Act of 2020 (AMLA).
This is a follow-up to my previous blog, titled The Importance of Cybersecurity Compliance. In that article, I explained why organizations of all types and sizes should embrace good cybersecurity practices to protect their organization’s people and information assets. I also outlined three of the many cybersecurity compliance frameworks that provide best practice guidance in achieving good cyber-health (ISO, NIST, and CMMC).