SOC 2 (System and Organization Controls for Service Organizations) is essential on many levels. Cyber Advisors received its SOC 2 Type 1 certification in early 2021. In 2022, Cyber Advisors executed our SOC 2 Type 2. This audit was successful, and Cyber Advisors received compliance in Q2 2022.
There are multiple levels of SOC 2 compliance, but for simplification and commonality, we will focus on two levels. Type 1 requires you to present all of your controls and governance, and Type 2 requires you to prove it. (The real proof is in Type 2)
SOC 2 is ubiquitous in the services business. It allows organizations to adopt and implement the necessary controls to protect customer data. Your managed IT services or professional IT services provider should be fully SOC compliant on your behalf - as many breaches occur through IT service providers and cloud organizations.
According to IBM, the average data breach cost in 2021 was 4.24M. A SOC 2 audit is an excellent investment to help avoid the risk of being a data breach statistic.
Many customers are demanding SOC 2 compliance from their partnerships. This is great news, as it proves the fact that Cyber Advisors’ customers are thinking about security and demanding more from their service partnerships.
What is your stance on SOC 2? Does your business require it from your IT service provider? If they store any of your data (or metadata), it may be time to consider pushing your provider toward SOC 2 compliance.