by John Verry | Aug 9, 2019 | InfoSec Strategies, ISMS Consulting
One of my favorite historical figures is Vilfredo Pareto; an Italian engineer, economist, sociologist, political scientist and philosopher. He developed what is now called “The Pareto Principle,” also known as the 80/20 rule, the law of the vital few, or the principle... by Leigh Ronczka | Jun 13, 2019 | Security Awareness Training
A client called the other day to tell me about a highly evolved phishing attempt cast straight at his law firm. Kudos to their employees for not taking the bait. Here’s how the attack played out: First, an employee who regularly handles emails addressed to the firm in... by Lou Romero | Jun 19, 2018 | InfoSec Strategies
For the last 20 months or so, we’ve worked with nearly 200 government municipalities on cyber loss control projects, now largely completed. Data security is a major concern for many municipal governments, so in this post—the fourth in our Cyber Security Foundation for... by John Verry | May 22, 2018 | Security Awareness Training
Recently I had a conversation with the CIO of a midsize law firm that had recently lost quite a bit of work product (and one of its biggest clients along with it) to ransomware because an equity shareholder had fallen victim to spear phishing. He was looking for... by John Verry | Mar 6, 2018 | Security Awareness Training
For an organization to comply with Payment Card Industry Data Security Standard (PCI DSS) Requirement 12.6, they must have a formal security awareness program in place. On reviewing a number of these programs over the last few years, I have been surprised to note how...
