Information Security Blog
The Time Has Come to Move to Windows 10
It looks like Windows 10 has finally overtaken Windows 7 as the most widely-deployed Windows platform. From a cybersecurity standpoint, this is good news. Windows 10 is a more secure environment with more up-to-date security functionality built-in. Moreover, Windows...
read moreWhat Does “Failure is Not an Option” Mean for Recovery Planning?
The “failure is not an option” mindset and attitude are prominent in business circles. The generic connotation of the phrase is that those responsible are absolutely committed to success come what may and will persevere until they find a way to prevail. But when I...
read moreCredential Harvesting: It’s More Than Just Phishing and More Common Than Ever
According to the 2017 Verizon Data Breach Investigations Report, over 80% of hacking-related data breaches were the direct result of weak or stolen passwords. Hackers have long known that the easiest way to nab sensitive data is to obtain legitimate access...
read moreWhat Threat Hunting and Pinot Noir Have in Common
Recently I discussed a potential vCISO engagement with a mid-size restaurant chain (500+ locations). They asked about our experience with, and our thoughts on, “threat hunting.” Threat hunting is loosely defined as “proactive incident response”—actively looking for...
read moreDo New Regulations Mean that Data Security and Data Privacy Should Merge?
New data privacy regulations like GDPR and the California Consumer Protection Act of 2018 (CCPA) are forcing many organizations to factor privacy into their data security programs like never before. Do these new privacy mandates effectively merge the security and...
read more
