October is Cybersecurity Awareness Month and to help drive awareness of critical security issues, we'll be posting DGC's Cybersecurity Tip of the Week through the end of the month.

We get it. Policies are not the most exciting topic.

However, many times policies are required by law. For example, if you are storing or processing personally identifiable information (PII) on the residents of Massachusetts - both employees and customers - you need a Written Information Security Program (WISP). Failure to comply, especially in a situation involving a data breach, may result in significant fines. DGC's Donny Butler wrote an article recently defining PII, who must comply, and required steps to achieve compliance. To read the article, click here.

DGC is an accounting and business advisory firm with a dedicated IT Risk Assurance & Advisory practice. We offer a range of IT Audit, compliance, and cyber & information security services that can help identify, evaluate, measure and manage compliance and cybersecurity risks. Our professionals are trained to identify areas of exposure and recommend size-appropriate, cost-conscious corrective actions. We look forward to being a resource for you--please reach out to a member of our team: Nick DeLena, CISSP, CISA, CRISC, CDPSE at 781-937-5191 / ndelena@dgccpa.com or Donny Butler, CPA, CISA at 781-937-5137 / dbutler@dgccpa.com.