Blog

CYBERSECURITY AND COMPLIANCE

5 Things to Know About Phishing Attacks

Read time: 45 seconds
Phishing attacks are one of the most common security challenges that both individuals and companies face in keeping their information secure. Whether it’s getting access to passwords, credit cards, or other sensitive information, cybercriminals are using email, social media, phone calls, and any form of communication they can to steal valuable data. Click here to learn about five phishing fundamentals…

January 28th is Data Privacy Day

Read time: 20 seconds
Join us on January 28 for the Data Privacy Day 2020 event live from LinkedIn! Experts will discuss the changes GDPR has had on the privacy landscape across the globe. Register by clicking here.

SEC Announces 2020 Examination Priorities

Read time: 45 seconds
The SEC recently released their 2020 examination priorities. These are the areas the examination branch of the SEC (OCIE) will be focused on during exams this year. The SEC specifically calls out RIAs in this year’s priorities: “Specific to RIAs, OCIE will continue to focus its examinations on assessing RIAs’ protection of clients’ personal financial information. Particular focus areas will…

IT Security is a Long-Term Investment

Read time: 60 seconds
According to Canon’s latest Office of the Future Survey, the same digital transformations that are making companies more productive, efficient, and innovative are also unearthing security vulnerabilities. For example, nearly half (46%) of survey respondents say they’re spending less than 5% of their IT budget on security. Only 25% have state-of-the-art disaster recovery procedures in place. An astonishing 40% have no security agenda…

Review Who Gets to See What

IT isn’t like a rock festival – you don’t want to give anyone an all-access pass. Complying with regulations like CCPA, HIPAA, PCI DSS, and Sarbanes-Oxley requires you to control who can access what data and applications across your company. You also have to monitor, manage, and audit every single user account, from creation to termination, and keep a record…

It’s a New Era for Privacy Compliance

Read time: 50 seconds
As new data privacy regulations like the California Consumer Privacy Act (CCPA) roll out, organizations concerned about compliance are changing how they handle sensitive customer information. One interesting trend we’ve noted is that companies are creating committees to handle customer requests about their personal information, often including someone from the privacy office, someone from the security office, and someone from…

It’s Everyone’s Job to Ensure Online Safety at Work

Read time: 30 seconds
The lines between our work and daily lives are becoming increasingly blurred, and it is more important than ever to be certain that smart cybersecurity practices carry over between the two. When you are on the job – whether it’s at a corporate office, local restaurant, healthcare provider, academic institution or government agency – your organization’s online security is a…

Always on Privacy Basics

Read time: 30 seconds
Your mobile devices – including smartphones, laptops and wearables – are always within reach everywhere you go, and they share substantial information about you and your habits, such as your contacts, photos, videos, location, health and financial data. Follow these basic privacy tips to help you manage your privacy in an always-on world. To learn more about other ways to improve security,…

Prepare for the CCPA

Read time: 60 seconds
The California Consumer Privacy Act (CCPA), modeled in part on GDPR and passed in June 2018, is scheduled to come into effect in January 2020. Although some provisions are still being negotiated, it seems clear at this point that the CCPA will protect the personal data of people within a defined geographic area (in this case California) even when that…

Get Your Board On Board With Cybersecurity

If you’re frustrated by how little your board of directors seems to understand about cybersecurity, take heart: you’re not alone. Recent research by security firm Focal Point Data Risk shows that security pros see their job as guiding the business and preventing loss, while business leaders think of security primarily as a way to protect company data and the corporate…

A Law to Help Strengthen SMB Cybersecurity

There’s a new cybersecurity regulation in town, but your company isn’t on the hook for compliance. The NIST Small Business Cybersecurity Act, signed into law in August, requires the National Institute of Standards and Technology (NIST) to use existing funds to help SMBs identify, assess, manage, and reduce their security risks. It gives NIST up to one year to create…

Beware This New Mac Attack

A new security threat makes it possible to hack a new Mac laptop right out of the box. Wired reports that the exploit targets companies using Apple’s Device Enrollment Program and Mobile Device Management platform to let employees perform their own customized IT setups from a satellite office or home. Researchers discovered a way to install malicious software as soon…

Don’t Bite the Dangling Lure of Free Stuff

Everybody loves to get something for nothing—which is why cyber criminals are having a lot of success convincing people to give away a lot of personal information in exchange for a free gift card. The gift card phishing scam lets criminals get paid for every click as they lure victims to answer a bunch of questions. Then they make more…

Solving the Privacy Paradox

Security and privacy usually go hand in hand, but they can also conflict. For example, encryption keeps sensitive information away from prying eyes, but it can also disguise malware sneaking onto your network. Saving incident data indefinitely can help you analyze security threats in the archived data, but if the data isn’t anonymized, it’s at permanent risk of a privacy…

What Keeps CISOs Up at Night?

When Chief Information Security Officers (CISOs) lie awake at night, they’re most worried about how to find enough cybersecurity pros to keep up with increasing IT security threats. Most believe they’re more likely to suffer a data breach or cyberattack in 2018 than they were in 2017. And most of them expect those breaches and attacks will stem from inadequate…

January 28 Was Data Privacy Day

January 28 was Data Privacy Day, and now’s a great time to check your privacy practices against these best practices: understand what a data breach is; be aware of environmental risks; deploy multiple layers of protection; collect only the data you need; be prepared to respond to a breach quickly. If you need help creating or reinforcing your privacy policies…

Security Compliance is Always a Smart Investment

Yes, it costs a lot to maintain compliance with security regulations. No, you can’t afford to skip it. A new study from Ponemon Institute shows that organizations that are found non-compliant with data protection requirements will spend 2.7 times more money getting into compliance than they would have if they’d been compliant in the first place. That’s no small expense,…

2017 in Cybersecurity: A Cautionary Tale

From Anthem Blue Cross’s historically high $115 million settlement for a breach that exposed patient information to the life-threatening WannaCry malware attack that shut down IT systems at 16 UK hospitals, the repercussions of cybersecurity lapses became more painfully clear in 2017 than ever before. If you were looking for case studies proving the need for more attention to cybersecurity,…

Get Strong Security and a Good User Experience

An easy-to-use system is pointless if it’s also easy to breach. On the other hand, “perfect” security is no good if it makes the product or service unusable! Unfortunately, conventional wisdom is that the more secure a system is, the more difficult it is to use — but advances in security technology and techniques mean that’s not true any more.…

Beware the Social Engineer

“I can tell a scam when I see one,” your employees say. “I know not to click on links in random emails,” they say. But what if they get a request for network access or credentials that looks totally legit…but isn’t? Read this “white hat” hacker’s detailed description of how he infiltrated a Fortune 500 company with nothing more than…
