Blog
Insights for Reasonable Cyber Security and Compliance
What’s happening in the world of cybersecurity? How do you define 'reasonable' security controls? Which cyber threats can be prevented? What steps should you take to make your systems safer? Read our blog posts to gain new insights into cybersecurity news, security awareness, the latest threats and risks, penetration testing, compliance, regulations and so much more.
Incident Response Handling
You have an incident. Maybe it is a breach in progress, maybe a breach that happened a while ago and has only just been noticed. What is your incident response? What do you do? Do you have a plan? Have you tested your plan recently? Is everyone trained in their responder role?
Social Engineering
Is everyone familiar with social engineering testing? It’s a test of the natural tendency of a person to trust another person’s word, rather than exploiting actual computer security holes.
PCI Compliance is one of the most detailed information security standards out there!
Pretty much everyone is aware of PCI these days. The Payment Card Industry Data Security Standard (PCI DSS) is one of the most detailed information security standards out there and in most cases has elevated the level of security within organizations.
Information Security Risk Assessment
A cyber security risk assessment goes beyond running a vulnerability scan and creating a prepackaged report. A risk assessment is a holistic examination of your security infrastructure, technology, people, and processes to develop a list of organizational risks based on potential business impacts. Whoa! Let’s examine that last sentence.
HIPAA Gap Assessment
Let’s talk about HIPAA Gap Assessments. First of all, what is it? HIPAA stands for Health Insurance Portability and Accountability Act. HIPAA (not HIPPA) requires organizations that handle electronic protected health information (another abbreviation for you: ePHI) to ensure that this information remains secure.
2011 – Security Hacks
Dark Reading had another great article recently on the “7 Coolest Hacks of 2011”. This was by Kelly Jackson Higgins.
Incident Response – A Human Endeavor
When an incident occurs, with the amount of technology involved, it’s easy for one to forget the human element. Incident Response is largely a human matter.
Benefits of ISO 27001 Certification
ISO 27001 is the formal set of specifications against which organizations may seek certification of their Information Security Management System. The intent is to bring information security under management control and to instill process into an organization. While most companies have an IT and/or an information security department, best practice for an Information Security Management System is to bring their controls together and mandate continuous improvement.