Cybersecurity Awareness Month

Special Focus on Board Cyber Considerations, Email & Identity Protection and Ransomware

Cyber risks are scary and can cause significant damage to your operations and finances as well as your reputation. Don’t be spooked by these threats, learn how to fight them!

This month, Weaver’s IT Advisory Services team turns the spotlight on three areas that are top of mind with our clients: 1) Communicating with the Board on IT and cyber issues, 2) Data privacy and management, and 3) Handling cybersecurity threats and exposure. We welcome you to contact us directly.

Board Cyber Considerations
Data Privacy & Management
Cyber Threats

Board Cyber Considerations

A CISO's Guide to Effective Communication with the Board

One of the challenging parts of being a cybersecurity leader is communicating technical concepts in a manner that non-technical leaders, boards and C-suite personnel can understand. Focus too much on the metrics that lack context and you will likely get silence or a barrage of questions.
Read More


Webinar: Communicating with the Board: Addressing Board Reports from the Cyber Perspective

Effectively communicating information to the board is instrumental to the process of budgeting and managing cybersecurity programs. However, sharing critical technology data can become challenging when board members have a variety of experience and understanding.
Watch Now


Accounting and SEC Update: Second Quarter

During Weaver’s 2023 Second Quarter Accounting and SEC Update, we took a deep dive into examining three hot issues that affect companies of all sizes. The SEC’s cybersecurity guidelines continue to evolve and become more refined with an increased emphasis on companies adopting holistic programs. Their final rule is anticipated to be issued in late 2023 or in 2024 after review of the latest public comments.
Read More

Data Privacy & Management

European Commission Adopts Adequacy Decision for EU-US Data Privacy Framework

With the 24 Member States from the European Union (EU) voting in favor of adopting the EU-US Data Privacy Framework (EU-US DPF), the European Commission (EC) believes that U.S. protection of personal data transferred between the countries is comparable to that offered in the EU.
Read More


Preparing to Comply with Iowa’s Consumer Data Protection Law

Growing businesses that accept credit cards are likely to be required to submit a Self-Assessment Questionnaire (SAQ) and Attestation of Compliance (AOC) for Payment Card Industry (PCI) compliance to acquirers (banks) or clients.
Read More


Where Are Your Assets and What Do They Do?

In the ever-changing technology environment we live in, an up-to-date inventory of an organization’s technology assets is critical for maintaining overall security. These assets may include hardware, such as servers or laptops; software, including applications and programs, and data assets.
Read More


Connect the Process Dots and Gain Valuable Insights with a Data Inventory

For as long as individuals and businesses have engaged in commerce and trade, merchants have gathered and stored information. This spans the list of products and/or services available from which buyers could choose, the list of customers in which to engage with, and transactional details related to operating the business. So while it sounds like a new concept, data inventories have actually existed for centuries.
Read More

Cyber Threats

How to Identify and Mitigate Insider Threats

The biggest risks to an organization may actually come from inside. A comprehensive, holistic insider threat mitigation program will provide the tools to help you identify, monitor and mitigate insider threats.
Read More


Converting the SEC Cybersecurity Disclosure Rules into Actionable Steps

On July 26, 2023, the Securities and Exchange Commission (SEC) approved rules requiring public companies to disclose material cybersecurity incidents in Form 8-K within four days of the incident. Public companies will also be required to provide an annual update in 10-K filings with information about their cybersecurity risk management, strategy, and governance. The rules were adopted by a 3–2 vote and will take effect in December 2023.
Read More


The Why and How of Cyber Insurance

In a world where data breaches are a question of when, not if, getting cyber insurance seems mandatory. At the same time — and for the same reasons — insurers are raising the bar to get this insurance and adding more coverage exclusions.
Read More


Cybersecurity Services

No two projects are identical. We perform tailored procedures to improve the security posture across organizations through our understanding of diverse technology, security frameworks and industry requirements.

Cyber Risk Assessments
Prioritizing cyber risks that impact security and operations and identifying mitigations.


Compliance Assessments
Evaluating systems and processes, and providing results based on criteria and requirements.


Vulnerability Assessments
Identifying technical weaknesses across devices to improve the overall security posture.


Maturity Assessments and Roadmaps
Defining the current security profile to improve and target the intended goal state for security.


Gap & Readiness Assessments
Facilitating work sessions and reviews to determine next steps for compliance.


Penetration Tests
Testing systems as an attacker to highlight flaws and misconfigurations in a controlled manner.


Cyber Audits
Evaluating environments and systems based on defined controls, criteria, and requirements.


Cyber Due Diligence
Providing buy and sell-side analysis and support aligned to M&A strategy.


Social Engineering
Simulating fraudulent e-mails to assess human weaknesses in security programs.


Learn more about our cybersecurity services 


Cyber Do's and Don'ts