About Christian White

Christian is a strategic business partner, helping companies navigate IT initiatives and compliance projects. His experience includes coordinating and managing compliance projects, executing IT risk assessments, cybersecurity advisory, and IT strategy. Additionally, Christian has extensive experience leading organizations, establishing corporate training programs, implementing change initiatives, and managing complex projects for international clients.

Are Pen Test and Vulnerability Scans Required for a SOC 2 Report?

There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report. Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and the associated Points of Focus, intended to align SOC 2 with the 2013 COSO framework.

What is the difference between SOC 2 and SOC for Cybersecurity?

Overview of the SOC for Cybersecurity

In 2017, the AICPA published guidance on a new cybersecurity risk management examination, System and Organization Controls for Cybersecurity (SOC for Cybersecurity). This SOC for Cybersecurity examination was created to address the growing need for reporting and attestation over an organization’s cybersecurity posture.

The SOC for […]

WannaCry Ransomware & Mitigation Steps

A major cyberattack took place this past week. The attack impacted organizations in over 100 countries, including the British National Health Service, FedEx, the Spanish telecom company Telefónica, and multiple universities in Asia.

The culprit is the WannaCry ransomware worm. The worm is most commonly introduced through infected email. When the user clicks on the infected attachment, the malware starts running and propagates […]