Many laws and requirements affect businesses today and the topic of privacy is receiving extra attention from auditors and regulators. However, it is not just about laws and compliance. There are many motivators driving businesses to be more responsible with a consumer’s personal data such as:
Something I have learned in over 20+ years of experience in the IT audit realm is simply that “a widget by another name is just a widget and the same or similar controls and security measures need to be applied to these as has been done during past IT security and control type reviews/projects/audits”. In this case we are...
Traditionally, an organization’s Chief Information Security Officer (CISO) and Chief Marketing Officer (CMO) haven’t had significant overlap when it comes to day-to-day roles and responsibilities. The CMO focuses efforts on brand growth and marketing strategy. The CISO on the other hand has been more focused on architectura...
The information security challenges faced by organizations are dependent on the unique characteristics of the business. This means there is no one “right” answer for where the CISO sits on the org chart. The strategic goals, risk management strategy, and maturity of your organization are all key factors in determining the m...
The Mako Group has hired Charlie Harris as Cyber Risk Advisor. In this position, Harris will continue to develop client relationships within the Michigan market and will utilize his industry knowledge in an effort to assist The Mako Group’s clients with the multiple cybersecurity challenges they face in today’s business env...
How are you sure that your employees are only using approved applications? Odds are, you are not sure at all. This is an issue come to be known as “shadow IT”. Shadow IT is a real problem within the modern work environment. Basically, it is an information technology (system, application, etc.) being used without approval. C...
Penetration testing is becoming a staple assessment for many organizations as more regulations are requiring third-party assessments and organizations are performing their own due diligence reviews. Unfortunately, penetration testing is becoming a bit of a commoditized service as more and more organizations enter this space...
