by John Verry | Feb 13, 2019 | InfoSec Strategies
Einstein once said, “The more I learn, the more I realize how much I don’t know.” Unfortunately, I have come to that realization not just once, but about 758 times. As I was reviewing/tuning our company’s Risk Assessment in preparation for our ISO 27001... by Jeremy Sporn | Nov 20, 2018 | InfoSec Strategies
With the exponential growth of cloud computing, organizations of all sizes need to understand their risks around storing sensitive data in the cloud, as well as investigate and implement cloud security options. To support this... by Taylor Smith | Sep 24, 2018 | InfoSec Strategies
DEF CON 26, one of the world’s largest public gatherings of information security professionals and hobbyists, happened in Las Vegas on August 9-12. This event attracted over 20,000 attendees from around the globe for a weekend of panels, activities, labs, and even... by Bhaumik Shah | Sep 10, 2018 | InfoSec Strategies
A recent security flaw in a financial technology application was discovered by a security researcher. The flaw illustrates a significant benefit of using the OWAS ASVS over the OWASP Top 10 list when verifying an application’s information security. Here’s Why... by John Verry | Aug 16, 2018 | InfoSec Strategies
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching. Entities who must comply include: Bank... by Taylor Smith | Aug 10, 2018 | InfoSec Strategies
We tend to think of our world full of interconnected devices as fun and convenient. Why not monitor your toaster with a phone app—what could possibly go wrong? The downside, we now know, is that cybercriminals will quickly enlist these Internet of Things (IoT) devices...
