Blog

As part of the launch of our latest employee resource group, SchellmanECO, learn all the small ways individuals can help preserve the world we live in.

Penetration testing can mean a number of different things and approaches. We break down one specific kind of test that may suit your cybersecurity needs.

How does Schellman stack up against similar firms? To get you started on your comparisons, here's a high-level introduction to 3 organizations that can all handle a lot of your compliance needs.

Schellman announces that it is now an accredited assessor under the Kantara Initiative.

Scoping in compliance can be complicated. For those who provide P2PE solutions, we explain what will fall into scope for your assessment no matter how much of your solution you outsource.

Wondering what a pen test costs? Your scope will play a huge part in price--we detail different kinds of pen tests and the scoping factors that will affect your final number.

Trying to get started with FedRAMP? To help you avoid confusion, we break down what kind of firm you need and when so that your cloud service offering gets compliant sooner.

Do you need a penetration test of some sort? We detail, step-by-step, what the experience of such a process with Schellman would look like so you can better set expectations for your own pen test.

Considering consolidating all your audits under one provider? Here are 3 questions you should ask every firm you vet to ensure you have the best experience when giving someone all that responsibility.

Though CMMC is officially still on the way, there is plenty you can do right now to get ready. We break down 3 ways you can prepare starting now, using resources already available to you.

Our annual retreat is always a big highlight of Schellman's year. A staple from our very beginning, learn about how the trip has evolved over time and what all it entails--including a ton of fun!

Pipedream has become a threat to industrial control systems. Learn why and how this malware can affect critical infrastructure as well as what you can do to protect yourself against it.

Did you have a finding turn up in your SOC audit? Learn about why remediation is important every time, when you should do that, and what you can do in the meantime should you need to delay.

Going through a SOC examination and not sure what to do about your subservice organizations? We break down the two options you have, as well as considerations to make before selecting a method.

The Big 4 are usually everyone's first instinct when it comes to SOC reports. We break each firm down and provide questions you can ask them all as you search for the right compliance firm for you.