Blog
Insights for Reasonable Cyber Security and Compliance
What’s happening in the world of cybersecurity? How do you define 'reasonable' security controls? Which cyber threats can be prevented? What steps should you take to make your systems safer? Read our blog posts to gain new insights into cybersecurity news, security awareness, the latest threats and risks, penetration testing, compliance, regulations and so much more.
2023 Cybersecurity Regulatory and Resources Calendar
Managing your security program is challenging, especially with compliance requirements evolving.
Here is a quick overview of the regulatory landscape for 2023. This reference provides links to the law or rules. It also includes references to help you make informed decisions on priorities, resources and technology to manage your risk.

Data Lost. Love Lost. Connecting at a Risk.
Online connections bring wonderful surprises – new friends and colleagues, and some even get married to their online match. But sometimes the surprises are not so wonderful. Here’s a quick look at why you should protect your heart and your assets.

T-Mobile Agrees to a $350 Million Data Breach Settlement
T-Mobile is the second-largest wireless carrier in the U.S. and has an estimated 110 million subscribers. The company has been repeatedly targeted by external threat actors over the past decade. The first large breach occurred between September 1, 2013 and September 16, 2015 and affected some 18 million customers. Another breach occurred in 2018, involving more than 2 million customers. It experienced another attack in 2019 involving its prepaid customers followed by two attacks in 2020.

Blackhawk Networks – Data Breach of Prepaid Gift Card Company Results in Lawsuit
Blackhawk Networks, a private global branded payment company headquartered in California, is the object of a proposed class action lawsuit over an alleged “foreseeable” data breach that occurred in September of 2022 which has affected thousands of consumers.

Herff Jones: Graduation Purchases Lead to a Data Breach and a $4.35 Million Settlement
Herff Jones has been in business for over a century, selling graduation products such as caps and gowns, class rings and yearbooks to students and their parents to help mark their educational accomplishments. On May 12, 2021, the company posted a red banner on the top of its homepage that read “HERFF JONES CYBER SECURITY INCIDENT UPDATE.” The company was the victim of a data breach that occurred between August 1, 2020, and April 30, 2021. The attackers managed to place malware on the company’s servers that was then used to capture customer payment card information. This event resulted in a litigation suit affecting thousands of students and parents from across the country.
(more…)
What is a Web Application Firewall (WAF)?
As our economy turns to automation for business efficiencies, we are seeing the growth of web applications and APIs (Application Programming Interfaces) as the main methods to connect with customers and clients. Organizations must prioritize web application security, as cyber criminals have also identified web apps as an entryway into company networks. Public-facing apps are the most widely used attack vector to penetrate an organization’s perimeter.