by Jeremy Sporn | Nov 20, 2018 | InfoSec Strategies
With the exponential growth of cloud computing, organizations of all sizes need to understand their risks around storing sensitive data in the cloud, as well as investigate and implement cloud security options. To support this...
by Taylor Smith | Sep 24, 2018 | InfoSec Strategies
DEF CON 26, one of the world’s largest public gatherings of information security professionals and hobbyists, happened in Las Vegas on August 9-12. This event attracted over 20,000 attendees from around the globe for a weekend of panels, activities, labs, and even...
by Bhaumik Shah | Sep 10, 2018 | InfoSec Strategies
A recent security flaw in a financial technology application was discovered by a security researcher. The flaw illustrates a significant benefit of using the OWAS ASVS over the OWASP Top 10 list when verifying an application’s information security. Here’s Why...
by John Verry | Aug 16, 2018 | InfoSec Strategies
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching. Entities who must comply include: Bank...
by Taylor Smith | Aug 10, 2018 | InfoSec Strategies
We tend to think of our world full of interconnected devices as fun and convenient. Why not monitor your toaster with a phone app—what could possibly go wrong? The downside, we now know, is that cybercriminals will quickly enlist these Internet of Things (IoT) devices...
by John Verry | Jul 31, 2018 | InfoSec Strategies
The National Association of Insurance Commissioners’ (NAIC) adopted the Insurance Data Security Model Law in October 2017. It establishes minimum standards for data security applicable to insurance providers. I believe this legislation will have a significant impact...
