Cybersecurity Whitepapers

Get BARR's latest insights on cybersecurity and compliance based on our research and expertise

In the Trenches: Building A Risk Management Program from the Ground Up

Featuring expert guidance from Consulting Manager Larry Kinkaid, this whitepaper outlines everything you need to know when building a risk management program from scratch. 

Proposed SEC Cybersecurity Reporting Requirements

Everything You Need to Know

Proposed rules by the SEC could have a sweeping impact on all public companies that are subject to the Securities Exchange Act of 1934. Learn more. 

The 19 HITRUST Domains

A Comprehensive Approach to Information Security

HITRUST CSF streamlines compliance requirements and reduces the burden on organizations. Explore the 19 HITRUST domains that comprise the CSF, understanding their significance and how they contribute to overall information security.

ISO 27001

A Step-by-Step Approach Toward Certification

Working toward ISO 27001 certification can be overwhelming. Learn about BARR Certification’s proven, step-by-step approach to ISO 27001 certification so you know exactly what to expect when partnering with BARR. 

Everything You Need to Know About the ISO 27001:2022 Release

Learn about the ISO 27001:2022 requirements for your information security management system (ISMS).

Audit Once, Report Many:

BARR is 1 of 9 Firms to Perform Audits for ISO 27001, HITRUST, and SOC 2

BARR is 1 of only 9 firms in the country that are certified to perform all three of the highest-regarded security audits: ISO 27001, HITRUST, and SOC 2. Learn what that means and how BARR can help your organization achieve maximum compliance with minimal resources. 

Focus on Foundations: HITRUST e1 Assessments

The HITRUST e1 Assessment is a low-effort yet reliable assessment that helps organizations focus on foundational cybersecurity controls and prepares them for the most critical cybersecurity threats.

How to Establish Your Cybersecurity Vision

Learn how to establish your cybersecurity vision and gain continuous traction on your cybersecurity efforts.

Cybersecurity During Uncertain Times

Learn how to prioritize security by getting back to the basics and how to build a human-first business continuity plan.

How to Use Cybersecurity KPIs

Learn how to effectively measure your cybersecurity program using key performance indicators and scorecards.

HITRUST i1 Assessments

Learn about the benefits of the new HITRUST i1 Assessment and how BARR can help your organization achieve a validated certification. 

The State of the 2022 CISO

Learn how emerging technologies, continued adoption of the cloud, and a rapidly changing industry have impacted the role of the CISO.

The Impact of Technical Debt on Cybersecurity

Learn how to recognize and prevent your organization’s technical debt before it makes an impact on your cybersecurity program. 

A Simple Introduction to the 18 CIS Controls

Explore the 18 CIS Controls and how you can easily implement them into your cybersecurity program.

Who Needs a vCISO and Why?

Learn some of the benefits of a vCISO and whether your company should consider hiring one.

How To Implement An Information Security Program In 9 Steps

Learn how to build an information security program that protects your company, your customers, and your data.

With the Cloud Comes Great Responsibility — and ROI

Are you a cloud service provider? Learn how to reduce risk and protect your customers’ valuable information.

Digital Meets Physical: Crypto ATMs and Best Practices for Operators

Learn five quick FAQs about Bitcoin and cryptocurrency, as well as best practices for crypto ATM operators from our experienced audit team.

A Complete Guide to SOC Examinations: A Proven Process

Learn everything you need to know about the SOC examination process from readiness assessment to final deliverable and how SOC can benefit your organization.