OUR THOUGHTS ON:
Cybersecurity

SORT OPTIONS: Most Recent | Most Viewed

New features for enhanced password protection in Azure Active Directory

In a previous Our Thoughts on Article, we described a threat to organizations known as password spraying, in which an attacker attempts to login to all ... read more >

Using Your Mail Server Against You

Occasionally on penetration testing/ethical hacking engagements we encounter misconfigured mail servers which creates an opportunity to either gather information ... read more >

Better Understanding PCI Penetration Testing Requirements

If your company takes credit cards, you may be wondering if you are required to have a penetration test. In the past, it had been voluntary, but with PCI ... read more >

What is the SEC Looking For in Your Internal Control Environment?

This Article was co-written by Nicole Saldamarco At the recent AICPA year-end conference, SEC staff members indicated that they will be looking more closely ... read more >

Understanding Cyberthreats in our Energy Infrastructure

Cybercrime Motive Most cyberattacks are simply motivated by money – revenue from cybercrime has reached nearly $1.5 trillion per year. The majority ... read more >

SOC 2 Examinations - What Are the Trust Services Criteria and Categories?

The 2017 Trust Services Criteria (TSC), which superseded the 2016 Trust Services Principles and Criteria (TSPC), serves as the control criteria for attestation ... read more >