Our Cybersecurity Mission

The CI:CD EpisodeSenior Solutions Developer Peter Kraus sits down to talk all things CI/CD—what it is, why it matters, and how it keeps modern development moving fast without breaking things. Along the way, the conversation takes a nostalgic detour to the early days of the internet, including a nod to MySpace. So be honest… who was in your Top 8? At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve. Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

The IOT Episode“Hey Alexa…” We all have them—but what are IoT devices, really? As helpful as Internet of Things technologies can be, what risks do they introduce along the way? In this episode, Steven Collins sits down with host Allie Krings to unpack the reality of IoT devices, from smart homes to smart workplaces. Is the risk the same at home as it is on the job? Tune in for a practical look at convenience, security, and what users should know before plugging in.At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserveReady to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

In this episode, host Allie Krings sits down with Mark Hinely, VP of Privacy Assurance Services, to demystify website privacy. What does it really mean when you opt in - or opt out? What responsibilities do websites have when it comes to handling your data? And what actually happens when a website doesn't follow through? Take a listen as they break down expectations, risks, and real-world implications. At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join our cybersecurity mission: https://kirkpatrickprice.com/podcast/. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today: https://kirkpatrickprice.com/contact/? and learn how we can help you meet your toughest goals. Explore the podcast!KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

Founder and President Joseph Kirkpatrick welcomes his favorite CTU hacker—24’s Chloe O’Brian, portrayed by Mary Lynn Rajskub—for a conversation where the clock2. 3. is always ticking. Together, they unpack Hollywood hacking, real-world cybersecurity, and the TV magic of high-pressure threat scenarios—while having a little fun acknowledging that Mary Lynn is an actress, not an actual cybersecurity expert. Expect insight, laughs, and a reality check on what it really takes when every second counts. At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

Host Allie Krings met with Senior Solutions Developer, Riley Radoll to learn more about his journey into development. Want to learn more? Check out our ResourcesAt KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

The XSS EpisodeHost Allie Krings met with penetration tester Brian Lowe to uncover how Cross‑Site Scripting (XSS) lets attackers misuse websites in surprisingly simple ways. XSS matters because even small vulnerabilities in everyday sites can lead to major security breaches that affect both individuals and organizations. Tune in to hear their breakdown of real‑world examples and learn how to protect yourself and your applications.Dangers of XSS Attacks at Healthcare OrganizationsPCI Requirement 6.5.7 - XSSKirkpatrickPrice Penetration Testing ServicesAt KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

The GWEB EpisodeWeb applications are one of the most attacked surfaces today. Is your team prepared to defend them? In this episode, Greg Ciampa, Chief Technology Officer at KirkpatrickPrice, breaks down the GWEB certification and who it’s designed for, from developers to security professionals who build, maintain and protect web applications. Tune in to learn why this certification could be a smart move for strengthening both your skills and your organization’s security posture. Learn more about the certificationAt KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

The Vulnerability Fix EpisodeIn this episode, host Allie Krings welcomes Aslan Konsavage, Penetration Tester at KirkpatrickPrice, to discuss vulnerability management and the significant role penetration testing plays in improving security posture.How Does Penetration Testing Protect Your AssetsThe 7 Steps of Penetration TestingPreparing for a Penetration TestWhat Should You Be Penetration Testing?At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

The Doing SOC 2 Well Episode In this episode, host Allie Krings sits down with Joseph Kirkpatrick, President and Founder of KirkpatrickPrice, and Sarah Triplett, Co‑Founder of Secure Start Partners, for a practical, myth-busting conversation about SOC 2. As automation rapidly reshapes the compliance landscape, we dig into a big question: Is faster actually better when it comes to earning your SOC 2 report? Together, the trio breaks down: What SOC 2 really requires Where automation can streamline the journey Where it can derail you just as quickly How to balance speed, accuracy, and trust as your organization scales If your team is navigating SOC 2—or thinking about it—this episode will help you understand what tools can (and can’t) do for you in the compliance world. SOC 1 vs SOC 2 SOC 2 Compliance Checklist SOC 2 Video Series SOC 2 Academy (One minute videos breaking down the basics) SOC 2 FAQs At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve. Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

The Mental Wellness EpisodeIn this episode, we dive beyond cybersecurity fundamentals and best practices to explore something equally important: how to care for yourself and your organization during the intense pressure of audits. Audits can be overwhelming—and the impact on mental health is often overlooked.Host Allie Krings sits down with Jackson Widener for an honest conversation about navigating stress, building resilience, and supporting teams through the audit process.Connect with Cybersecurity Minds of Colorado (Welcome to all). At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

The Privacy Regulations EpisodeIn this episode, Host Allie Krings sits down with Gene Fry to learn more about Privacy Regulations. Understanding privacy regulations is essential to making informed cybersecurity decisions, and this podcast explains the key requirements and their impact in clear, practical terms.At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

In this episode, Host Allie Krings sits down with Suzette Corley, Privacy Auditor, to learn more about Data Subject Rights. It’s not just about checking a compliance box; it’s about building trust and keeping data safe in a world where privacy matters more than ever.  GDPR Fundamentals: Data Subject Rights & Video GDPR Personal Data and Subject Tip Sheet for GDPR Compliance Data Subjects and their Rights Data Subject Access Request Tips  At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve. Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, Senior Professional Writer Nathan Stephens breaks down policy writing. Join Our Cybersecurity Mission. Expect the Unexpected. Getting started with a BCP video. Getting started with a BCP recap blog. Testing Your BCP. BCP Checklist.We believe if you are going to do an audit, it should be worth it. At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

When we think of cybersecurity, we often picture protecting online systems and data—but physical security is just as critical. In this episode, lead practitioner Steven Collins explains why safeguarding your physical space and assets matters, and shares practical steps you can take to secure your environment. Physical Security Policy in a Remote World Physical Security Threats in AWS Creating a Physical Security Policy Physical Safeguards in HIPAA Physical Security & Pentesting SOC 2 Common Criteria 6.4  At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve. Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission. In this episode, Privacy Auditor Suzette Corley dives into ISO 27701.  ISO 27701 – Information Security and Privacy Management Systems: https://www.iso.org/standard/27701 2 Minutes on ISO 27701 KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

Show Notes: The Monitoring and Enforcement Episode KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, Vice President of Privacy Assurance Services, Mark Hinely shares the importance of monitoring and enforcement. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission Monitoring Best Practices Improper Disclosures Tools and Techniques Internal Monitoring  We believe if you are going to do an audit, it should be worth it. At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, Senior Pentester Duncan Wooselybreaks down open source intelligence (OSINT) and how hackers use it to their advantage.  Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission Threats never stop. Your defenses shouldn’t either. Our ethical hackers simulate realworld attacks, uncover vulnerabilities, and guide you through remediation. Ready to strengthen your security posture? Connect with a penetration testing expert.  KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, Alan Wilemon dives deep into the world of privacy practices, shedding light on why reading the fine print isn’t just a chore—it’s a crucial step in protecting your digital life. He explores the vital role of Choice and Consent in cybersecurity, offering insights that challenge common assumptions and encourage proactive decision-making. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  We believe if you are going to do an audit, it should be worth it. At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, Lead Practitioner Shannon Lane dives into Configuration Management and how audits can keep your systems strong and secure. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  We believe if you are going to do an audit, it should be worth it. At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

Show Notes: The Data Use, Retention and Disposal Episode KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, Vice President of Privacy Assurance Services, Mark Hinely shares the ins and outs of data use, retention and disposal. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  What is “Personal Data”: https://kirkpatrickprice.com/blog/what-is-gdpr-personal-data-and-who-is-a-gdpr-data-subject/ Only have a minute? Data Use, Retention and Disposal: https://www.youtube.com/watch?v=94lxoxpVy4k Ensure Proper Disposal and Destruction: https://www.youtube.com/watch?v=i-2t2wtOHGk Data Retention Policy: https://www.youtube.com/watch?v=lARJcjKaSU8 FREE downloadable resource: https://kirkpatrickprice.com/white-papers/privacy-compliance-101/ We believe if you are going to do an audit, it should be worth it. At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert.  KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, founder and President Joseph Kirkpatrick shares the why behind the mission of delivering quality audits and what sets KirkpatrickPrice apart. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-missionWe believe if you are going to do an audit, it should be worth it. At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert.KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

Show notes: The Security Fundamentals EpisodeKirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, Veryl White breaks down security fundamentals and data privacy. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-missionOnline Safety and Privacy ResourcesNational Cybersecurity AllianceParental Internet Safety GuideClean Desk Policy Telework Guidance and ResourcesTop tips for working more securely from homeSANS Work-from-Home Deployment Kit Securing the remote workforceSecure BYOD & Corporate DevicesMobile Device Management Best Practices Top 18 Critical Controlshttps://www.cisecurity.org/controls/cis-controls-listKirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

Our Cybersecurity Mission is here to elevate the standards for cybersecurity and compliance. In this episode, Walter Haydock, the founder of StackAware, shares insights on the ISO 42001 certification process. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  Walter Haydock: https://www.linkedin.com/in/walter-haydock/ Learn more about StackAware: https://stackaware.com StackAware Resources:  http://products.stackaware.com/ ISO 42001 email course AI governance templates KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert.   Learn about the common frameworks: SOC 1 https://www.youtube.com/watch?v=4bvT5zGXMRQ  SOC 2 https://www.youtube.com/watch?v=eWO9Ql4w4gY  PCI DSS https://www.youtube.com/watch?v=mlqsv6bPo_s  HIPAA https://www.youtube.com/watch?v=Vak79kIt1Uc  ISO 27001 https://www.youtube.com/watch?v=sYO-WvJh1No  HITRUST https://kirkpatrickprice.com/audit/hitrust/  NIST https://kirkpatrickprice.com/audit/nist/  Readiness Resources Upload your security policy for a 20-point check https://explore.kirkpatrickprice.com/information-security-policy/explore  Schedule a risk assessment workshop https://explore.kirkpatrickprice.com/workshops  Run a free cloud security posture assessment scan https://explore.kirkpatrickprice.com/aws/audit  At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals?  Connect with an expert.  KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission   Our rapid response team had three specialized roles on it:  Duncan – Pen TestingEric – IT  Alan – Privacy The first step in responding to this incident was discovery. This is part of the phase known as detection and identification. Duncan identified what type of data was taken and what methods were used.  Communication is a critical piece for incident response. Communicating with the coworkers who reported the incident, executive management to get context about the issue, technical personnel to know what controls are in place, etc.  The reason a privacy specialist was involved with the team was to analyze what kind of data was involved and what regulatory requirements might apply. This is important because it affects notification responsibilities. Prepare The best time for incident response is BEFORE an incident occurs. Prepare now by making decisions about how you’ll react WHEN an incident occurs. You can walk through a scenario today for what you’ll do if an employee takes data they shouldn’t.  Lessons Learned What policies and procedures need to change? What controls should be adjusted? Are there areas where response time could have been different? What training is needed? Incident Response Recommendations and Considerations for Cybersecurity Risk Management – NIST 800-62r3 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r3.pdf SANS Incident Response Framework https://www.sans.org/security-resources/glossary-of-terms/incident-response KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission Did you know Mike Wise’s grandfather was one of the Tuskegee Airman fighter pilots in World War II? Henry A. Wise Jr. served from 1942 to 1946 and also spent 3 months as a prisoner of war after being shot down in Romania. Dr. Wise served as a physician at Prince George’s Hospital Center and became the medical director at Bowie State University. What is re:Inforce? AWS re:Inforce is an annual, immersive cloud security event, uniting attendees seeking actionable steps for raising security posture and sponsors showcasing cutting-edge solutions. Securing generative AI: A baseline in the security landscapehttps://www.youtube.com/watch?v=olJw35dPJR0 Check out all the sessions from this year’s re:Inforce conferencehttps://www.youtube.com/playlist?list=PL2yQDdvlhXf9XkXzO5bXvtMaio6gAcdmN Securing Agentic AI – OWASP threats and mitigationshttps://genai.owasp.org/resource/agentic-ai-threats-and-mitigations/ Request a public certificate in AWS Certificate Managerhttps://docs.aws.amazon.com/acm/latest/userguide/acm-public-certificates.html Amazon GuardDuty expands Extended Threat Detection coverage to Amazon EKS clustershttps://aws.amazon.com/blogs/aws/amazon-guardduty-expands-extended-threat-detection-coverage-to-amazon-eks-clusters/ Improve your security posture using Amazon threat intelligence on AWS Network Firewallhttps://aws.amazon.com/blogs/security/improve-your-security-posture-using-amazon-threat-intelligence-on-aws-network-firewall/KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

Our Cybersecurity Mission is here to elevate the standards for cybersecurity and compliance. In this episode, Walter Haydock, the founder of Stack Aware, shares insights on the risks and benefits of Generative AI, including tools on how to leverage AI in your business. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  Walter Haydock: https://www.linkedin.com/in/walter-haydock/ Learn more about Stack Aware: https://stackaware.com Stack Aware Resources: http://products.stackaware.com/ Generative AI Webinar recap: https://kirkpatrickprice.com/blog/webinars-events/data-security-for-generative-ai-a-webinar-recap/   Partner with KirkpatrickPrice to Securely Incorporate AI Into Your Compliance Programs: We know that change can be uncomfortable, especially when it comes to your organization’s security and compliance, but you don’t have to face it alone. Our experts stay up to date on the latest cybersecurity developments, so you don’t have to feel overwhelmed. If you have questions about anything that was mentioned in the webinar or are wondering if a certain AI tool is right for your organization, connect with a KirkpatrickPrice expert today.   KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission Jeff Pochily’s background https://www.linkedin.com/in/jeffreypochily/ Vulnerability Databases https://nvd.nist.gov https://vuldb.com https://www.cve.org Open Bug Bounty Security Researchers https://www.openbugbounty.org/researchers/top/   Recommended vulnerability management controls Documented vulnerability management policies and procedures Assignment of responsibility for vulnerability management to a qualified resource Vulnerability assessment during development Code reviews for secure coding compliance and software vulnerabilities Ranking security vulnerabilities by impact Documented asset inventory Documented inventory of bespoke and custom software, and third-party software components Consistent patch management process Subscription to vulnerability notification services Manual or automated application vulnerability assessment methods Consistently update container deployment tools and images Internal vulnerability scans External vulnerability scans Internal penetration testing External penetration testing Application penetration testing Consistent remediation process for scan and pen test findings KirkpatrickPrice scripts to check your systems https://github.com/orgs/kirkpatrickprice/repositories Cybersecurity & Infrastructure Security Agency https://www.cisa.gov/topics/cyber-threats-and-advisories  KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/107184577/admin/dashboard/ISO 27001 – Information Security Management Systems: https://www.iso.org/standard/27001What's new in the 2022 version: https://kirkpatrickprice.com/blog/web...Annex A Control 5.35 – Independent Review You have to conduct an independent review of your ISMS, which could be an external party or an operationally-independent internal resource. ISO 27001 Certification Bodies ·       British Standards Institute (BSI)·       Mastermind Assurance·       Performance Review Institute (PRI)Stage 1 Audit Report  Minor nonconformities  These are not seen as serious. You must develop, follow, and complete your own internal Corrective Action Plan (CAP) before Stage 2. You are not required to send your CAP for minor nonconformities at Stage 1. Major nonconformities  You need to produce a CAP for the certifying body with all actions completed before Stage 2. You need to submit your CAP before scheduling Stage 2. Send your CAP to your auditor.   Stage 2 Audit Report  Minor nonconformities  A written Corrective Action Plan (CAP) must be sent to your certification body. A certification decision is made. The CAP will be reviewed by your Client Manager and details the nonconformity, the cause, the proposed corrective action, who is responsible and the date the action will be implemented; you will have five working days to do this.Major nonconformities  If a major nonconformity is raised or remains outstanding from Stage 1, an additional visit will need to be booked; this is to confirm the implementation of an effective CAP. This additional visit will take place within 30 days; however, you may request to have the visit earlier. Major nonconformities must be addressed within six months of the assessment and prior to the issuance of the certificate. Send your CAP to your Client Manager.Opportunities for Improvement  When conducting an audit, your Client Manager may encounter a situation that doesn’t qualify as a nonconformity, but could improve your system. These Opportunities for Improvement (OFI) are revealed during the audit process and include any suggestions for improvement, as well as any findings that could lead to potential nonconformities. While it’s not required to include OFIs in your CAP, your Client Manager will include them in your auditing report to encourage continual improvement. KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  Cherry Kent Cherry Kent | LinkedIn  Incident Response Resources Incident Response | KirkpatrickPrice  Find a Forensics Response Provider 24x7 Cyber Incident Response Services | Cyber Risk | Kroll Incident Response (IR) Cybersecurity Services | CrowdStrike Mandiant Incident Response Services | Google Cloud  SOC 2 Trust Services Criteria SOC 2 CC7.2 SOC 2 CC7.3 SOC 2 CC7.4 SOC 2 CC7.5  HIPAA Audit Protocol 164.308(a)(6)(i) Security Incident Procedures   Obtain and review documentation demonstrating that security incident policies and procedures are implemented. Evaluate and determine whether policies and procedures are appropriate for addressing security incidents and are in accordance with related policies and procedures.   Incident Response Playbooks Incident response playbooks | Microsoft Learn Cybersecurity Incident & Vulnerability Response Playbooks NIST Incident Response Recommendations and Considerations for Cybersecurity Risk Management AWS Security Incident Response User Guide  Free Risk Assessment Review Do you ever find it difficult to get help on complex cybersecurity or compliance topics? Is it frustrating to navigate the overwhelming amount of information that is out there but you can't actually talk to anyone about your specific situation? Upload your latest risk assessment and a KP expert will review it and make personalized recommendations to you: Risk Assessment Audit | KirkpatrickPrice KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission 

KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission  Learn More About KirkpatrickPrice: https://kirkpatrickprice.com/about-us/  Quality Audits:https://www.youtube.com/watch?v=Sfawv5dP8TQ  Get Ready for Your Audit with a Growth Mindset: https://www.youtube.com/watch?v=M0TwTiWG5P8 mhttps://explore.kirkpatrickprice.com/learn/risk-assessment  Our Auditors are Different than Most https://kirkpatrickprice.com/meet-the-kirkpatrickprice-auditors/  Free Risk Assessment Review Do you ever find it difficult to get help on complex cybersecurity or compliance topics? Is it frustrating to navigate the overwhelming amount of information that is out there but you can't actually talk to anyone about your specific situation? Upload your latest risk assessment and a KP expert will review it and make personalized recommendations to you:  https://explore.kirkpatrickprice.com/risk-assessment/audit  KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission