Information Security Blog
Patch or Pay – Can You Be Sued for Negligence If You Fail to Patch Vulnerable Systems?
The single most critical and effective measure for reducing cyber security risk is a robust patch management program that allows you to quickly and efficiently apply vendors’ software patches. Known vulnerabilities are a hacker’s favorite attack points, and many of...
read moreIf AI is “The Future” of Cyber Security, What Does That Mean for InfoSec Workers?
My niece just graduated college. Her four-year degree gets her into the job hunt, but with no guarantees. Like the rest of us—especially in ever-changing fields like IT and InfoSec—she’ll need to constantly refine and expand her newly minted skills and training to...
read moreHow the GDPR and Privacy Shield Regulations Relate—and What They Mean for Your Business
In my data privacy practice, I’m finding many organizations are still unclear about the purpose and ramifications of the new EU-US Privacy Shield and the EU’s General Data Protection Regulation (GDPR), and how they are meant to work together. These instruments define...
read moreCEO Fraud Up 270% in One Year—And 33% of Top Execs Are Vulnerable
According to the FBI’s Internet Crime Complaint Center (IC3) 2016 Internet Crime Report, CEO fraud that spoofs senior executives ranks among the most prevalent and costly of all cyber attacks reported by businesses and individuals. Such crimes rose a staggering 270%...
read moreVulnerability Patch Management is Not the Same as Vulnerability Management
After we perform an initial penetration test, we provide our clients with reports and review the results with them. It’s crucial they understand clearly what they need to fix and why. But often, when we circle back to do the remediation testing certain issues remain...
read more
