Cybersecurity Awareness Month has come and gone, but we would be remiss without addressing Incident Response. Before we do, let’s recap the ground we’ve covered in the first four of five installments on a robust Cybersecurity and Data Privacy Program. Conduct an Assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 5, Incident Response.
With just one more week to go in Cybersecurity Awareness Month, let’s recap the ground we’ve covered in the first three of five installments before moving on to Phase 4, Compliance. Start your journey with a risk assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic viewpoint of People, Process, and… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 4, Compliance
It is the middle of Cybersecurity Awareness Month. Let’s recap the ground we’ve covered in the first two installments before moving on to Phase 3, Managing Cybersecurity Risk. Start your journey with a risk assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic viewpoint of People, Process, and Technology using a… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 3, Managing Cybersecurity Risk
In our second installment, we’ll cover the next phase in the lifecycle, Design. Keep in mind, depending upon your circumstance, you could enter the lifecycle at any stage. This installment title does not contain just a catchy subtitle but actual requirements under law in legislation like the European Union’s The General Data Protection Regulation (GDPR)… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 2, Security & Privacy by Design
If dealing with COVID-19 and 100% remote workforce is not enough, businesses of all sizes and in all verticals are facing an exponentially more frequent and more sophisticated siege of cyberattacks. However, for those small to mid-market businesses (SMBs), there is likely worse news. Bad actors/hackers/hacktivists/cybercriminals are targeting them specifically since there is a well-known weakness. Most SMB organizations aren’t as well prepared to defend and respond. https://www.bizjournals.com/sanfrancisco/news/2020/09/28/hacks-of-fortune-500-business-may-make-the-headl.html Part of the reason… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 1, Let’s Assess.
Businesses all across the country are facing serious disruptions due to the effects of the Coronavirus. Companies are all still grappling with the myriad of issues the pandemic has caused, including how to ensure the security of sensitive data, systems and proprietary processes. Many companies simply were not prepared for the challenges this crisis presented… Read More »Covid-19 – Business Continuity Management
New York State has become the latest in a long line of states to tweak its laws around data breach notifications. On July 19, Capital One suffered one of the biggest data breaches ever. On July 25, New York Governor Andrew Cuomo signed new legislation, the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) into… Read More »New York Governor Signs Cyber Law After Capital One Breach
On Friday, May 3, 2019, Wolters Kluwer CCH, the cloud-based tax division of the Netherlands-based-global information services firm Wolters Kluwer, was notified of an apparent security/data privacy issue by Brian Krebs, the world-famous cybersecurity expert behind KrebsonSecurity. Wolters Kluwer is a global provider of professional information, software solutions, and services for clinicians, nurses, accountants, lawyers, and tax,… Read More »Vendor/Supply Chain CyberSec – Lessons to be learned from the CCH Hack
Your organization’s risk surface may be larger than you think. Here is why. Depending on the industry or vertical niche, most businesses today rely on several (if not many) third-party service providers and other vendors to support core business functions. Supply chains are interconnected so just-in-time inventory management hums along seamlessly. The multi-function printers contact… Read More »3rd Party Cybersecurity Risk – Literally the Keys to Your Front (and Every Other) Door!
The FBI and national cybersecurity experts are trying to get the word out to executives and their direct reports about a growing and successful attack approach: Business Email Compromise (BEC). Also known as “CEO fraud,” the FBI predicts that these attacks – which already cost businesses upwards of 12.5 billion dollars annually, will only continue to grow and evolve.… Read More »Business Email Compromise (BEC): What You Need To Know