Baker Tilly
Contact us
cybersecurity

Cybersecurity

Proactively protect and address your cybersecurity and information technology (IT) risks.

Cybersecurity

  1. Article
    Client status meeting to discuss project success

    Navigating an uncertain future: Key trends for internal audit leaders in the insurance industry

  2. Whitepaper
    dynamic data and technology visualization

    Best practices for a healthcare data conversion 

  3. Multimedia
    Students walking to class on a college campus

    Higher education internal audit: Going back-to-basics for effective risk management and compliance

  4. Webinar
    Adapting to NIST CSF 2.0: Navigating changes and challenges in higher education

    Adapting to NIST CSF 2.0: Navigating changes and challenges in higher education

  5. Resource
    cyber resilience

    Cyber resilience: A guide to navigating modern risks

  6. Multimedia
    Cybersecurity and IT risks - Higher education internal audit back-to-basics

    Cybersecurity and IT risks

  7. Article
    cyber cords crossing

    Learning the hard way: Why cybersecurity failures need to be shared

  8. Webinar
    ai cybersecurity and data governance risks

    AI: How to manage cybersecurity and data governance risks

  9. In the News
    Team of IT professionals working on program in office

    Security Breach: Inside the Growing Complexity of Ransomware Hacking Groups

  10. In the News
    Cybersecurity data on computer

    What CrowdStrike Outage Can Teach Us About Vendor Risks

  11. Multimedia
    Cybersecurity data on computer

    CrowdStrike: the aftermath

  12. Webinar
    cmmc scoping

    CMMC scoping: How to ensure your scope is ready for assessment

  13. Article
    digital opportunities for the public sector

    Top five digital opportunities for the public sector

  14. Article
    cybersecurity program program management and governance

    Elevate your cybersecurity program: Integrating program management and governance

  15. In the News
    Team of IT professionals working on program in office

    CrowdStrike Event Cyber Losses Could Reach Into Billions

  16. In the News
    Blue lighting in server room

    Major IT outage will challenge insurance coverages

  17. Resource
    ransomware prevention

    Ransomware prevention guide

  18. Article
    Colleagues discuss strategy while walking through the office

    Navigating the modernization of SEC's Regulation S-P 

  19. Article
    cloud service providers cmmc

    Cloud service providers, FedRAMP “Equivalency” and CMMC

  20. Article
    Combating NFP cybercrime with a proactive cybersecurity strategy

    Combating NFP cybercrime with a proactive cybersecurity strategy

  21. Webinar
    Hikers climb a rocky path

    Not-for-profit governance and fiscal workshop 2024

  22. Article
    NIST releases new version cybersecurity framework (csf)

    NIST publishes major revision to Cybersecurity Framework (CSF): What organizations need to know

  23. Multimedia
    IT professionals working at table together in office on cybersecurity

    Action plan to reduce the threat of cyber risk

  24. Article
    enhancing cybersecurity identity access management

    Enhancing cybersecurity through identity and access management

  25. Article
    Abstract white waves

    Cybersecurity in finance and unclaimed property

  26. Article
    key cybersecurity trends industry leading reports

    Key cybersecurity trends from industry-leading reports

  27. Article
    cmmc rulemaking where are we now

    CMMC rulemaking: Where are we now?

  28. Webinar
    People looking at financial plans and budget

    Effective compliance programs in a fast moving company

  29. Webinar
    Conference attendees network at an event

    Haute Culture: designing a culture that drives performance and mitigates risk

  30. Webinar
    People looking at financial plans and budget

    Data-driven compliance programs

  31. Webinar
    Cybersecurity data on computer

    Cybersecurity, ransomware and AML implications

  32. Webinar
    Professional programmer working in office on cybersecurity

    Business Email Compromise: fastest growing, most financially damaging internet crimes

  33. Resource
    Baker Tilly Fraud Summit

    Baker Tilly Fraud Summit 2024

  34. Article
    soc readiness faq

    SOC readiness FAQ: Examining the basics and complexities

  35. Article
    2024 cybersecurity landscape threats and opportunities

    Cybersecurity on the horizon: Preparing for 2024’s threats and opportunities

  36. Article
    Team members meet in conference room with plants

    Enter strategic partnerships with confidence when utilizing proactive assurance

  37. Podcast
    healthcare finance

    Healthy Outcomes: Navigating the current state of healthcare finance

  38. Article
    Chatting with artificial intelligence chatbot on computer

    Leading practices for modernizing data governance for growth: What your organization needs to know

  39. Article
    securing your organization vulnerability management

    Securing your organization: A practical approach to vulnerability management

  40. Article
    dynamic data and technology visualization

    Navigating cyber risks in 2024: Insights, controls and strategies for financial institutions

  41. Webinar
    soc readiness prepare for soc examination

    SOC readiness: What it takes to prepare for a SOC examination

  42. Case Study
    ev manufacturer internal control material weaknesses

    EV manufacturer addresses internal control material weaknesses through comprehensive assessment

  43. Article
    vendor risk management vendor ecosystem

    Vendor-risk management: Evolving a healthy vendor ecosystem

  44. Article
    Thumbprint used for increased security

    What’s keeping you up at night? Cybersecurity considerations for NFP leaders

  45. Whitepaper
    Abstract digital header

    2024 Cyber Predictions e-book

  46. Article
    penetration testing versus vulnerability scanning

    Penetration testing vs. vulnerability scanning: Understanding the key differences

  47. Article
    Medical team meets to discuss patient care

    NAIC survey reveals continued growth of AI within life insurance industry

  48. Article
    Business professionals walking

    2023 Banking industry key takeaways: Preparing your bank for 2024

  49. Article
    active participation in meeting

    2023 Year-end insurance industry key takeaways

  50. Article
    consultants discuss family office real estate

    2023 Asset management industry key takeaways and preparing for 2024

  51. Article
    Professional uses data analytics to prepare reports

    Establishing a framework for practical data governance in the insurance industry

  52. Webinar
    College and university auditors can implement an effective cybersecurity incident response

    How to audit cyber incident response

  53. Case Study
    healthcare phishing campaign

    Healthcare organization tests technical security controls and internal security awareness training with phishing campaign

  54. Article
    ai phishing threat to organizations

    Bad actors using AI to target businesses via business email compromise (BEC)

  55. Webinar
    hitrust concepts from the field

    Lessons from the field: Concepts to know for sustainable success in your HITRUST journey

  56. Article
    Cybersecurity strategy for multiple devices

    Don't let your NFP be a target for cybercriminals

  57. Article
    Team of IT professionals working on program in office

    Three Lines Model offers a logical risk management framework

  58. Webinar
    navigating cybersecurity nfp

    Navigating cybersecurity: A 360° perspective from NFP, Baker Tilly and the C-Suite

  59. Webinar
    due diligence with a SOC 2 examination

    How to bolster vendor due diligence with a SOC 2

  60. Article
    common challenges key considerations SOC report

    Common challenges and key considerations when using or reviewing a SOC report

  61. Article
    Capitol building reflection at sunrise

    Strategies to address the new SEC cyber disclosure rule (and how to do it!)

  62. Article
    Man analyzes code on phone to that on the computer

    Technology and its implications on class action

  63. Article
    Sun reflecting off of colorful building

    The rise of proactive assurance, and why it’s here to stay

  64. Article
    U.S. Capitol Building reflecting on water in Washington, D.C.

    New SEC cyber incident disclosure marks first-time cybersecurity disclosure requirement across the capital markets

  65. Article
    zero trust security model verify

    Never trust, always verify. But how?

  66. Case Study
    private jet company undergoes network scanning’

    Network scanning tools test prove private jet charter company's wireless network is secure

  67. Case Study
    grocery stores undergo vulnerability scanning

    Multilocation grocery store enhances internal IT practices as a result of vulnerability scan

  68. Case Study
    financial services company confirms security to minimize risk

    Financial services company confirms security of web-facing applications and minimizes risk

  69. Case Study
    city external penetration test

    City identifies weaknesses in security protections after external penetration test

  70. Article
    Risks and controls RPA solutions

    Identifying risks and controls when implementing RPA solutions in a SOX environment

  71. Article
    IT professionals working at table together in office on cybersecurity

    The missing piece of your network security

  72. Article
    Team members discuss strategy in a meeting

    HITRUST FAQ

  73. Podcast
    Closeup view of cables in server room protecting from cyber attacks

    Healthy Outcomes: The current state of cybersecurity in the healthcare industry 

  74. Article
    Business meeting at conference table with professionals walking by

    SOC FAQ

  75. Webinar
    Lights and cables running through server room

    Modern compliance

  76. Webinar
    Building facade

    Fraud fight: the growing pressure to do better at finding fraud

  77. Webinar
    Team of IT professionals working on program in office

    Cash flow, gender and internal controls

  78. Webinar
    Office building courtyard with trees

    Environmental, social and governance (ESG) discussion

  79. Webinar
    Woman interacts with data

    Digital asset governance

  80. Resource
    Baker Tilly Fraud Summit

    Baker Tilly Fraud Summit 2023

  81. Webinar
    Consultants review software development code

    Strategy check: evaluating your cyber program to strengthen assurance

  82. In the News
    ransomware attack at a business

    More Malware, Less Ransomware in Higher Ed

  83. Resource
    Professional walking through office using digital tablet

    Governance dashboard for market intelligence

  84. Webinar
    Digital connectivity displays on world map

    Data analytics as the silent whistleblower

  85. Article
    University campus during the daytime

    How higher education and research institutions may benefit from using HITRUST to navigate research data security requirements

  86. Case Study
    software automation data screen

    Testing of software company's web portal boosts confidence in security measures

  87. Case Study
    Data dashboard coming out of laptop

    Multinational government contractor updates training after phishing prevention campaign uncovers vulnerabilities

  88. Case Study
    Cookies being produced in factory

    Food producer improves network security after disabling unused networks

  89. Case Study
    Rising interest rates, financial growth

    Debt consolidation company closes security vulnerability after successful external penetration testing

  90. Case Study
    Cars lined up on display at dealership

    Multilocation car dealership updates patching inventory after internal vulnerability scan

  91. Article
    Energy plant with abstract data points

    Energy and utilities sector faced with cybersecurity risks

  92. Article
    Woman at a computer analyzing data

    NIST 800-53 Revision 4 to Revision 5 comparison tool

  93. Article
    Two professionals meet at a computer to review analytics

    Four key concepts to consider when using advanced reporting solutions in your SOX program

  94. Article
    Together, team members climb a mountain to reach the summit

    Getting risk appetite right in uncertain times

  95. Article
    Abstract circle arches

    Dynamic risk landscape creates challenges regarding talent, cybersecurity and ESG

  96. Article
    Man looking at data points

    Data mapping: building a strong foundation for cybersecurity and data privacy

  97. Webinar
    Data dashboard coming out of laptop

    Cybersecurity trends: what to expect in 2023

  98. Article
    casual work space office

    How to build an effective IT audit team during a time of skilled resourcing shortages

  99. Whitepaper
    Thumbprint used for increased security

    2023 Cyber Predictions

  100. Article
    Data-driven manufacturing

    Top 5 manufacturing and distribution cybersecurity risks

  101. Article
    Consultants review software development code

    Cybersecurity risks affecting software and technology companies

  102. Article
    Man looking at window of data

    Are you overlooking a key component to cybersecurity risk management? 

  103. Article
    cyber risk manufacturing distribution

    Reducing cyber risk and protecting against a ‘perfect storm’

  104. Article
    team member talking digital screen

    Panel discussion: Smart buildings ARE networked systems

  105. Article
    Colleagues walk down the stairs in discussion

    What's changed with SOC 2?

  106. Webinar
    Closeup of circuitry on computer

    Top cyber trends and emerging risks in the insurance industry

  107. Article
    people office

    Top five cybersecurity and IT audit trends that most impact an organization’s ability to respond to today’s challenges

  108. Whitepaper
    Building courtyard with trees

    The evolving risk landscape

  109. Article
    risk_touching_gears

    Utilizing penetration testing to enhance internal audit activities

  110. Article
    Team collaborates on client project

    Easing cyber insurance woes using key controls 

  111. Podcast
    Cybersecurity professionals performs a risk assessment at a computer

    Higher Ed Advisor: designing an effective cybersecurity strategy to safeguard institutional data and research

  112. Article
    Team strategy meeting in conference room overlooking city

    How to manage cyber risks when cyber insurance costs rise

  113. Article
    Health plan achieving interoperability compliance

    Healthcare organizations face a daunting cybersecurity landscape

  114. Case Study
    Woman votes on a referendum on election day

    State government implements cybersecurity program to prevent ransomware attacks at election offices

  115. Article
    Data, cybersecurity on laptop

    Small business cybersecurity risk: Cyberattacks don’t care how big your business is

  116. Resource
    hands working on report

    Which SOC report is right for your organization?

  117. Article
    man protects firm from cybersecurity risks

    New York Department of Financial Services updates cybersecurity requirements for financial services organizations

  118. Article
    Woman interacts with data

    Combating the rising costs of cyber insurance: how we got here, and what organizations can do

  119. In the News
    cyber cords crossing

    Pointers on Preventing Ransomware

  120. Webinar
    woman-in-front-of-computer

    Cybersecurity vulnerabilities and CMMC update for small businesses

  121. Article
    People shaking hands at a meeting

    Cybersecurity Maturity Model Certification (CMMC) Q&A

  122. Article
    Business professionals works at office computer

    CMMC 2.0: five key changes for government contractors

  123. In the News
    Cybersecurity professionals performs a risk assessment at a computer

    Fighting an unrelenting war – how business can be safe from cyberattack

  124. Webinar
    Finger pressing data on a screen

    Research security: what auditors must know in 2022

  125. Article
    Thumbprint used for increased security

    Public sector internal auditors most concerned by cybersecurity, data and talent risks

  126. Podcast
    Programmer performs systems testing on software

    BuzzHouse: How to protect your company from cyber threats

  127. Article
    Abstract data storage

    How NIST 800-171 Revision 3 may impact CMMC

  128. In the News
    View of the U.S. Capitol Building at night

    CMMC 2.0: Five Key Changes For Government Contractors

  129. Article
    Men shake hands in a corporate office building

    Importance of obtaining a SOC 2 for your customers

  130. Article
    Closeup of circuitry on computer

    Cybersecurity and data privacy: recognizing the risks facing NFP organizations

  131. Article
    cybersecurity businessman touching web

    SEC proposes improved uniformity and comparability of cybersecurity disclosures

  132. Webinar
    Data server center

    Fraud Summit: Managing your risk against a ransomware attack

  133. Webinar
    Magnifying glass

    Important trends in white collar criminal investigations and prosecutions

  134. Webinar
    people raising hands for Q&A

    Fraud allegations and the media: a guide to surviving the spotlight

  135. Webinar
    Government building with waving flag

    Deciphering Elizabeth Holmes: what went wrong?

  136. Webinar
    Woman at a computer analyzing data

    Cybersecurity: to infinity and beyond

  137. Webinar
    Team discusses client needs in an office

    Control activities vs. control environment: how the latter drives the former

  138. Webinar
    Consultants review an audit report prior to a finance committee meeting

    Continuous auditing within the compliance program

  139. Webinar
    abstract_people_technology_city

    Beyond three lines: the collaboration imperative for connected risk

  140. Webinar
    Finance executive analyzes cash on hand report

    AML and KYC emerging trends

  141. Webinar
    man analyzing computer data

    A deeper dive into cyber crime, cryptocurrency and illicit finance

  142. Article
    Person driving a vehicle

    Building sustainable compliance for dealerships in response to the new FTC Safeguards Rule

  143. Article
    Team working to analyze data and software

    New HITRUST assessments rise to meet the need for varying assurance levels

  144. Article
    Team meeting around a computer to analyze data

    Crisis management: three things all businesses should review now

  145. Podcast
    Cybersecurity data screen

    Healthy Outcomes: The value of cybersecurity in the healthcare industries

  146. Webinar
    hands typing on laptop

    Insurers and cybersecurity: What will 2022 look like?

  147. Webinar
    Woman looking at data visualization on tablet

    Demystifying HITRUST assessment types: bC, i1 and r2

  148. Podcast
    Data analyst performs market research from various sources

    Higher Ed Advisor: Lehigh University: how cybersecurity and compliance enable revenue generation in higher education

  149. Article
    risk two people climbing a mountain

    Fraud risks in the cannabis industry

  150. Article
    Woman works on computer at night

    Mitigating cyber risk with HCM Advanced Controls

  151. Webinar
    Board meeting at a conference table

    Managing NFP cybersecurity risks through board governance

  152. Webinar
    Cybersecurity data screen

    Leveraging SOC 2 and CMMC reporting to assess compliance of your security environment

  153. Article
    abstract data

    Data Privacy Day 2022: Resolve to be in front of privacy ... not behind it

  154. Whitepaper
    hands typing on laptop

    2022 Cyber Predictions e-book

  155. Webinar
    Car lights speed through valley

    Industry perspectives on CMMC 2.0

  156. Article
    Closeup of circuitry on computer

    Managing cyber risks Part 3: business interruption losses

  157. Podcast
    Fed Talks podcast series

    Fed Talks: CMMC 2.0

  158. Article
    cybersecurity of personal health information

    COVID business shifts change but don’t stop robust HITRUST evaluations

  159. Webinar
    Professionals collaborate in team meeting

    CMMC 2.0: five changes to navigate

  160. Webinar
    NIST Cybersecurity (CSF) assessment

    How to perform a NIST Cybersecurity (CSF) assessment in seven easy steps

  161. Webinar
    protected health information

    HITRUST panel: lessons learned from a year of remote HITRUST validations

  162. Article
    information traveling to the cloud

    How to mitigate your risk when doing business on the cloud

  163. Webinar
    government contractors need to respond to new supply chain requirements

    Dealing with ever-increasing supply chain risk requirements

  164. Webinar
    Woman looking toward the future

    Utility University: Putting “now, for tomorrow” into practice

  165. Article
    Woman works on computer at night

    Ransomware: understanding the risks and recognizing the threats

  166. Article
    aerial view of a fort

    Mounting a defense in the ransomware war

  167. Article
    Team members review successful project on a tablet

    Elevating IT SOX programs through PCAOB inspection results and staff outlooks

  168. Webinar
    ransomware attack at a business

    Managing your risk against a ransomware attack

  169. Case Study
    Team of consultants analyzes data on the computer

    Investment firm manages risks across large portfolio through ongoing cyber health checks

  170. Case Study
    speed of technology blur

    NCDIT simultaneously undergoes HITRUST and NIST 800-53 readiness

  171. Webinar
    People looking at cybersecurity screens

    Cybersecurity risk management: mitigating vulnerabilities in the cloud

  172. Article
    Professional working remotely

    Cybersecurity awareness remains key for post-pandemic remote workforce

  173. Article
    Supply chain risk management

    Beyond the headline: examining the Biden cybersecurity executive order

  174. Article
    Woman reviews NIST SP 800-161 Revision 1

    NIST SP 800-161 aims to reshape supply chain risk management: What does it mean for government contractors?

  175. Webinar
    woman with multiple computer screens monitoring cybersecurity

    CMMC preparation: minimize competitive barriers and grow your federal business

  176. Podcast
    Fed Talks podcast series

    Fed Talks: Zero Trust thirty: reflections on cybersecurity

  177. Article
    View of a computer server room

    Cybersecurity considerations across the life cycle of a deal

  178. Webinar
    Abstract data

    CMMC for construction contractors: a practical examination

  179. Resource
    Abstract data

    Baker Tilly Fraud Summit 2022

  180. Article
    Healthcare data and cybersecurity risk management on an ipad

    HIPAA: get serious about identifying your organizational cybersecurity risks

  181. Webinar
    Cybersecurity

    Real and present maritime cyber security challenges for ship operators, insurers and lawyers

  182. Webinar
    Team meeting at a computer

    NIST 800-53 Revision 5: preparing for the transition

  183. Article
    Cybersecurity and data server at a not-for-profit organization

    Aligning your cybersecurity framework with your organization's mission

  184. Webinar
    Supply chain man working on tablet

    Insurance hot topics virtual series: the evolving insurance cybersecurity program

  185. Whitepaper
    Sustainable cybersecurity for manufacturing and distribution: Managing risks with limited budgets and talent

    2021 cyber predictions e-book

  186. Resource
    Conference room in advance of a board meeting

    NACD (National Association of Corporate Directors)

  187. Article
    Woman managing cloud technology on laptop

    Managing security risks when using third-party hosted solutions

  188. Webinar
    SOC lessons learned

    SOC: lessons learned from a year of remote engagements

  189. Article
    Woman managing cybersecurity risks in the cloud

    Managing cybersecurity risks in the cloud

  190. Article
    Cybersecurity on laptop with mobile icons

    Taking a risk-based approach to cybersecurity

  191. Webinar
    CMMC what to expect during official assessment

    CMMC: What to expect during an official assessment

  192. Webinar
    CMMC guidance

    Your CMMC timeline: expert guidance for today and preparing for tomorrow

  193. Webinar
    IT general controls and cybersecurity for public sector

    Stay in control: IT general controls and cybersecurity for public sector

  194. Article
    Cyberattacks and intellectual property loss

    Cyberattacks and intellectual property loss

  195. Article
    data privacy points across the globe

    Five things you need to know to optimize your company’s approach to data privacy and cybersecurity

  196. Article
    Cyber risk management framework in a virtual environment

    NIST releases SP 800-53 Revision 5 and SP 800-53B

  197. Article
    Healthcare professionals discussing cybersecurity and ransomware attacks

    Healthcare industry seeks enhanced cybersecurity controls in the face of rising ransomware attacks

  198. Webinar
    U.S. Capital Building reflection in a nearby building

    Are you ready for CMMC?

  199. Article
    contractors documenting changing terms of the Paycheck Protection Program (PPP)

    Preparing for the economic recovery: strategies to help contractors succeed in a changed business environment

  200. Webinar
    CMMC cybersecurity success hands

    Ensure CMMC success: seven common scoping mistakes to avoid

  201. Article
    Man working on a tablet at night

    CMMC: preparation is paramount

  202. Article
    Video conference of a medical professionals

    The rise of telehealth and the importance of cybersecurity

  203. Article
    Factory plant

    Pressure testing supply chain management: What do today’s challenges mean for government contractors?

  204. Webinar
    Dark Web: cybersecurity and the biggest threat facing your organization

    Cybersecurity Maturity Model Certification (CMMC) readiness series – Part II

  205. Article
    office building windows in the city

    Cybersecurity Maturity Model Certification (CMMC) impacts on the research enterprise at higher education and research institutions

  206. Webinar
    IT audit consultant analyzes data on a computer

    Critical cybersecurity considerations with a remote workforce

  207. Case Study
    Man works remotely with phone, reports and computer

    Baker Tilly guides city to enhance IT department operations

  208. Webinar
    Looking in on a board meeting

    Understanding CMMC and the implications for DoD contractors

  209. Webinar
    Man working at a computer from home

    CMMC is here, time to move to the cloud

  210. Article
    Businessman reviews report data

    Important cybersecurity tips while working remotely

  211. Multimedia
    Webinar series hero

    Derek Royster discusses insurance industry exposure during COVID-19

  212. Article
    Neighborhood street leading to state and local government building

    Cybersecurity Maturity Model Certification (CMMC) raises the bar for contractors

  213. Article
    Woman working at a computer

    IT audit for remote work environments during COVID-19 crisis, through recovery

  214. Article
    Doctor reviews patient data on computer

    Technology due diligence in healthcare

  215. Article
    Professional works remotely from home

    Cybersecurity hygiene for individuals working or learning remotely

  216. Webinar
    Cybersecurity maturity – enhancing your organization’s cyber risk management posture and program

    Cybersecurity maturity – enhancing your organization’s cyber risk management posture and program

  217. Multimedia
    geometric ceiling

    Can your IT SOX program withstand the PCAOB?

  218. Webinar
    Keeping your organization aligned with the SEC's cybersecurity guidance

    Keeping your organization aligned with the SEC's cybersecurity guidance

  219. Article
    Classroom

    Cybersecurity issues in research: can higher education institutions keep up with research data security requirements?

  220. Article
    Risky business: Protect your government from cyber threats

    Risky business: protect your government from cyber threats

  221. Whitepaper
    Data breaches pose increasing risk to healthcare organizations

    2020 Cyber Predictions

  222. Press Release
    Two women working together at a computer, discussing privacy and risk management

    Baker Tilly Partners with CENTRL to Help Clients Enhance Privacy Compliance and Risk Management

  223. Case Study
    Three doctors standing together in a hospital hallway

    National marrow donor program implements cybersecurity controls to protect sensitive patient data

  224. Webinar
    cyber curcuit board

    Protecting you and your family business against cyber risks

  225. Webinar
    ceiling lines

    Protecting your next investment: The importance of technology due diligence

  226. Webinar
    Various meeting notes pinned to a board

    Privacy compliance: ensuring compliance with CCPA and beyond

  227. In the News

    It only takes three seconds

  228. Press Release

    Baker Tilly Poll Shows Most Organizations Not Compliant with New SOC 2 Criteria

  229. In the News

    Investment in Cybersecurity is Key to Minimizing Risk and Gaining a Competitive Edge

  230. In the News

    Cyber risks weaken links in supply chains

  231. Article
    Hospital groups threaten to sue over site-neutral payment cuts

    Navigating the NAIC Insurance Data Security Model Law

  232. Webinar
    weather radar indicates storm warning

    Understanding privacy regulations and compliance

  233. Article
    prepare to answer questions about cybersecurity

    Audits hone in on cybersecurity

  234. Webinar
    Software and technology

    Cybersecurity oversight: the board and C-suite’s perspectives

  235. Article
    Stack of white papers

    AICPA proposes guidance for new System and Organization Controls (SOC) Supply Chain report

  236. Webinar
    Bundle of fiber optic wiring

    Transitioning between System and Organization Control (SOC) reports

  237. Article
    Storm tracking radar

    European Commission releases report on U.S.-EU Privacy Shield

  238. Webinar
    Padlock on red door

    The rise of privacy: a risk-based approach to privacy oversight, compliance and management

  239. Article
    Lock key

    Putting a price on privacy risk

  240. Webinar
    lighthouse at the end of a dock at night with water

    Preparing for SOC 2® changes: lessons learned from applying the new Trust Services Criteria

  241. Case Study
    Tall electrical tower

    System and Organization Controls (SOC) reports provide third-party assurance and significant time savings for large energy company

  242. Webinar
    View of a computer server room

    Protecting your next investment: The importance of cybersecurity due diligence

  243. Press Release

    Nearly 90 percent of Organizations Lack Holistic Cybersecurity Testing Program

  244. Webinar
    Secure server

    Advanced cyber intelligence techniques: Integrated security testing

  245. Article
    Ball made up of data nodes

    Data privacy legislation tightens across the globe

  246. Press Release

    Majority of Insurers Have Not Adopted Agile Methodologies within Internal Audit Function

  247. Article
    Typing on keyboard

    California passes furthest reaching privacy law to date

  248. Article
    View of a computer server room

    GDPR quick assessment questionnaire: assess your GDPR data footprint

  249. Article
    Five person board meeting

    The Center for Audit Quality releases new guidance on Cybersecurity Risk Management Oversight: A Tool for Board Members

  250. Press Release

    Despite Impending Deadline, Most Organizations Remain Unprepared to Comply With GDPR

  251. Webinar
    Man works remotely with phone, reports and computer

    System and Organization Controls (SOC): latest SOC 2® guidance updates and impacts for issuers and recipients

  252. Article
    Ethernet cables

    System and Organization Controls (SOC): 20 questions with Baker Tilly

  253. Webinar
    View of a computer server room

    System and Organization Controls (SOC) webinar and insights series

  254. Article
    Woman reviews business plan on computer

    AICPA releases new guidance on System and Organization Controls (SOC) 2® Trust Services Criteria and Description Criteria

  255. Article
    Cybersecurity management in higher education

    Cybersecurity management in higher education

  256. In the News

    Six ways to improve your cybersecurity practices

  257. Article
    AICPA releases System and Organization Controls (SOC) for Cybersecurity guidance with SOC 2® comparison

    AICPA releases System and Organization Controls (SOC) for Cybersecurity guidance with SOC 2® comparison

  258. Press Release

    33 Percent of Financial Institutions Have Not Tested Their Cybersecurity Incident Response Plan

  259. Article
    European Union and United Kingdom flags

    European Union’s General Data Protection Regulation (GDPR) enforcement date looms

  260. Webinar
    Man working at a computer from home

    SOC update: Lessons learned from the first year of SSAE18 and SOC for Cybersecurity

  261. Article
    Strategy session resources

    System and Organization Controls (SOC): a guide to transitioning to the new Trust Services Criteria

  262. Webinar
    fiber optics, lights, technology

    Social media data risks: Take steps now to improve your security posture

  263. Article
    Five person meeting

    Tips to understand and maximize the value of SOC reports for boards, audit committees and senior management

  264. Webinar
    Architecture details, glass windows

    System and Organization Controls (SOC) essentials II: key tips for issuers and recipients

  265. Press Release

    Baker Tilly Adds David Ross to Enhance National Cybersecurity Specialization

  266. Article
    Integrating corporate compliance programs into enterprise risk programs

    Integrating corporate compliance programs into enterprise risk programs

  267. Article
    American flag

    FAQ: Cyber DFARS and government contracting

  268. Article
    Opening between buildings

    HITRUST CSF™ Version 9: updates and impacts for certification

  269. Article
    Cybersecurity management in manufacturing and distribution

    Cybersecurity management in manufacturing and distribution

  270. Case Study
    Construction planning

    Mortgage originator ensures compliance with FFIEC guidelines through business continuity management and disaster recovery plan assessments

  271. Case Study
    City skyline at sunset

    Real estate investment firm improves its business continuity strategy and approach with Baker Tilly risk assessment and disaster recovery plan

  272. Case Study
    A not-for-profit strengthens its defenses against and preparedness for potential disaster and/or crisis with business continuity and disaster recovery planning

    A not-for-profit strengthens its defenses against and preparedness for potential disaster and/or crisis with business continuity and disaster recovery planning

  273. Article
    Building a practical cybersecurity risk acceptance/risk transfer framework

    Building a practical cybersecurity risk acceptance/risk transfer framework

  274. Article
    Strategic planning meeting members brainstorm with a clear whiteboard

    Developing and implementing an effective breach response plan

  275. Article
    technology, digital, lights

    Monitoring and verifying cybersecurity controls effectiveness

  276. Article
    Team meets in conference room

    Watch out for e-mail compromise fraud schemes

  277. Article
    Data center, server

    Dark Web: cybersecurity and the biggest threat facing your organization

  278. Whitepaper
    NYS DFS cybersecurity readiness checklist

    NYS DFS cybersecurity readiness checklist

  279. Webinar
    Compliance Potpourri!

    Compliance Potpourri!

  280. Webinar
    SOC essentials and reporting options

    SOC essentials and reporting options

  281. Article
    hands typing on laptop

    Upcoming HITRUST CSF Version 9 release: Understanding the impact

  282. Article

    Why cybersecurity is getting more difficult to manage

  283. Webinar
    The finalized NYS DFS cybersecurity regulations: The 12 month transition

    The finalized NYS DFS cybersecurity regulations: The 12 month transition

  284. Case Study
    Not-for-profit undergoes IT general controls and application controls audit and receives recommendations that will drive IT planning and budget processes and improve operating effectiveness

    Not-for-profit undergoes IT general controls and application controls audit and receives recommendations that will drive IT planning and budget processes and improve operating effectiveness

  285. Case Study
    Publicly traded manufacturer improves financial reporting control environment after SOX compliance review

    Publicly traded manufacturer improves financial reporting control environment after SOX compliance review

  286. Article
    NAIC risk focused examinations: Insurers, be prepared for your next examination

    NAIC risk focused examinations: Insurers, be prepared for your next examination

  287. Whitepaper
    View of a computer server room

    NYS DFS cybersecurity rules compliance guide

  288. Case Study
    Health system strives to maintain data security working with Baker Tilly to conduct a HIPAA security risk assessment

    Health system strives to maintain data security working with Baker Tilly to conduct a HIPAA security risk assessment

  289. Article
    string of lights

    Creating a sustainable cybersecurity management program

  290. Webinar
    City buildings reflecting sky

    HITRUST demystified: what it means and what to expect from certification

  291. Article
    ASC 606 transition: Disclosures

    ASC 606 transition: Disclosures

  292. Case Study
    Intellectual property law firm seeks IT risk and network vulnerability assessments to protect sensitive data

    Intellectual property law firm seeks IT risk and network vulnerability assessments to protect sensitive data

  293. Article
    architecture, blue support beams

    Cybersecurity management: implementing cybersecurity controls

  294. Article

    Top ten tips for board members approaching mergers and acquisitions

  295. Article
    Lights speeding by with city buildings in the distance

    Cybersecurity management: data classification demystified

  296. Article

    Five best practices to manage hedge fund cybersecurity risks

  297. Webinar
    Advisor consults client by phone

    Cybersecurity challenges for not-for-profits: your questions answered

  298. Article
    Conference room in advance of board meeting

    Cyber-risk: what audit committees and boards need to know now

  299. Article
    Lights speeding by with city buildings in the distance

    New Jersey law mandating health insurance data encryption may have broader implications

  300. Article
    Drone flies within city limits

    New NIST Cybersecurity Framework

  301. Article
    Conference room in advance of a board meeting

    U.S. cybersecurity executive order could mean changes for many organizations

  302. Case Study

    Not-for-profit organization increases awareness of its data privacy and implements change management policy

  303. Case Study
    Programmer performs systems testing on software

    Baker Tilly helps local government strengthen its IT department

  304. Article
    Teammates meeting in a conference room

    Annual Statement of Accounts (ASOA) certification required for music streaming service providers

  1. Jeff Krull

    Jeff Krull

    CPA, CISA, CITP

    Principal

  2. Mike Cullen

    Mike Cullen

    CISA, CISSP, CIPP/US

    Principal

  3. Emily Di Nardo

    Emily Di Nardo

    CPA, CITP, HITRUST CHQP

    Principal

  4. Baker Tilly Professional

    Matt Gilbert

    CISA, CRISC, CMMC

    Principal

  5. Garrett Gosh

    Garrett Gosh

    CPA, CITP

    Principal

  6. Madhu Maganti

    Madhu Maganti

    CPA, CISA, M.S.

    Principal

  7. Brian Nichols

    Brian Nichols

    CISSP, CIPP/US

    Principal

  8. Joe Shusko

    Joe Shusko

    CISA, PMP

    Principal

  9. Christopher J. Tait

    Christopher J. Tait

    MBA, CISA, CCSK, CFSA

    Principal

  10. Bosco Yuen

    Bosco Yuen

    CPA, CISSP, CISA, CIA, CSX, CCSA, PMP

    Principal

Organizations need an accurate and objective view of their cybersecurity profile to safeguard information assets and protect the organization's value.

    Proactively protect and address your cybersecurity and information technology (IT) risks.

    Information assets and technology investments left ungoverned and unprotected leave organizations vulnerable to compromise and loss of reputation, revenue/value, customers and intellectual property. Couple these risks with the increasing demands for transparency, accountability and compliance by regulators, government entities, shareholders and others, and you have a perfect storm of risks.

    While sophisticated hacking is a valid threat to organizations, it is rarely the root cause of a data breach. The vast majority of data breaches and cybersecurity incidents are actually caused by a breakdown of basic cybersecurity processes and controls.

    Baker Tilly’s cybersecurity specialists work with organizations to assess their risk and achieve measurable security enhancements and cybersecurity control improvements. We will evaluate your cybersecurity controls, deliver recommended improvements and provide assurance that your cybersecurity controls are working.

    Cybersecurity Awareness Month - 2024

    Explore recent Baker Tilly cybersecurity thought leadership and events to help your organization mitigate cybersecurity risks by achieving measurable security enhancements and control improvements.

    Connect with a Baker Tilly cybersecurity specialist

    • Week one
    • Week two
    • Week three
    • Week four
    • Week five

    Guide

    Ransomware prevention guide

    Provide leading cybersecurity practices to stay ahead of ever-evolving ransomware threats.

    Webinar

    CMMC: How to pick an assessor

    Baker Tilly CMMC specialists will discuss the role of the C3PAO, lead assessor and assessment team, and explore key considerations and critical questions to ask when selecting a C3PAO.

    Webinar

    In the SOClight: Exploring the hottest topics of SOC reporting

    Baker Tilly SOC specialists will provide actionable insights to tackle key challenges and requirements when preparing for a SOC examination.

    Article

    AI: How to manage cybersecurity and data governance risks

    In the ever-evolving world of AI, your organization has many elements to consider. In this article, Baker Tilly cybersecurity specialists recommend initial steps to establish AI governance.

    Guide

    Cyber resilience: A guide to navigating modern risks

    In this guide, Baker Tilly cybersecurity specialists elaborate on leading cybersecurity practices and a checklist of questions to strengthen your cyber resiliency. 

    Our solutions

    Our clients count on our proactive, experienced guidance to manage cyber risk, helping them win now and anticipate tomorrow.

    • Cybersecurity and IT assessments
    • Cybersecurity and privacy compliance

    Cybersecurity and privacy compliance

    Certifications​

    Privacy compliance assessments​

    Security compliance assessments​

    We are making great headway on security policies, procedures and it’s measurable. Our exposed surface area for cyber-attack is smaller than it’s ever been.
    Director of Information Systems for a large insurance company

    Our industries

    1. Supervisor observes an energy power plant

      Energy

      With expertise in oil and gas, power and utilities and renewable energy, we provide a collective view with measurable results.
    2. Two advisors reviewing financial services dashboard data

      Financial Services

      The financial services industry continues to diversify, but competition and more complex vendor relationships make determining business strategy more complicated.
    3. Life sciences presentation on data dashboard

      Healthcare & Life Sciences

      Baker Tilly helps organizations win now, and explore the options for tomorrow, through an orchestrated approach and understanding encompassing all facets of the healthcare ecosystem.
    4. Students review schedules on campus

      Higher Education

      Higher education transformation is a journey. Let's embark on it, together.
    5. Technician analyzes security of data on servers

      HITRUST CSF Assessment Services

      The HITRUST CSF provides an integrated, certifiable approach to securing PHI. Any organization handling PHI on behalf of customers may be required to obtain a HITRUST CSF certification.
    6. Lawyer on mobile phone in law firm office

      Law Firm & Professional Services

      In the face of intense competition, successful law firms must deliver quality legal services and practice effective business management.
    7. manufacturer optimizes and innovates through the help of manufacturing consulting from Baker Tilly

      Manufacturing & Distribution

      Providing manufacturing consulting solutions to help businesses reduce risk and improve efficiencies across the supply chain.
    8. Commercial real estate consulting firms in city

      Real Estate

      Innovative real estate consulting, tax and assurance solutions for developers, owners, investors and property managers.

    Featured Insights

    1. enhancing cybersecurity identity access management

      Enhancing cybersecurity through identity and access management

      Enhancing cybersecurity through IAM is crucial. Organizations should verify identities, prevent breaches, protect data, and assess and improve practices.
    2. 2024 cybersecurity landscape threats and opportunities

      Cybersecurity on the horizon: Preparing for 2024’s threats and opportunities

      Discover why organizations should remain agile and forward-thinking in their defensive strategies when navigating the cybersecurity landscape.
    3. key cybersecurity trends industry leading reports

      Key cybersecurity trends from industry-leading reports

      This article discusses cybersecurity trends from 2023 and how organizations can protect themselves from cyber threats in 2024.
    4. soc readiness faq

      SOC readiness FAQ: Examining the basics and complexities

      This article addresses frequently asked questions about system and organization controls (SOC) readiness assessments.
    5. securing your organization vulnerability management

      Securing your organization: A practical approach to vulnerability management

      This article discusses vulnerability management and the proactive process of identifying, prioritizing and mitigating security weaknesses in an organization’s environment to minimize risk.

    © 2024 Baker Tilly US, LLP