Category Archives: Risk Assessments
HALOCK Infosec Newsletter
Find out what’s happening in the cyber security and risk management industry, and discover what that means for you. (more…)
NetDiligence® Cyber Risk Summit: Getting to Reasonable Cyber Risk
HALOCK partner Chris Cronin will be moderating a NetDiligence® Cyber Risk Summit panel with industry experts on risk based analysis process and legal, regulatory and security best practices. Attend the event to learn how to best establish ‘duty of care’ for cybersecurity. (more…)
CIS RAM (Risk Assessment Method) Launch & Webinar
CIS RAM (Center for Internet Security® Risk Assessment Method) is an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls™ cybersecurity best practices. CIS RAM, a free tool, provides step-by-step instructions, examples, templates, and exercises for conducting a cyber risk assessment. (more…)
VULNERABILITY SCANS AND RISK ASSESSMENTS: KNOW YOUR AUDIENCE
By Chris Cronin, ISO 27001 Auditor, Partner
Cybersecurity is no longer a concern for just internal IT. All levels of the organization today should have a keen awareness and involvement when it comes to cybersecurity. That level of engagement should start at the top within the corporate boardroom (more…)
We Just Gave Away Our Cyber Security Intellectual Property. It was the right thing to do.
Why a Chicago-Based Cybersecurity Firm Just Released its Prized IP.
By Chris Cronin, ISO 27001 Auditor, Partner (more…)
ARE EMPLOYEE PERSONAL SOCIAL MEDIA ACCOUNTS MAKING YOUR NETWORK VULNERABLE?
Social media seems harmless enough especially when your employees stick to using it for personal reasons, but it can indirectly be responsible for critical security breaches. With some social engineering and patience, an attacker can use personal social media profile information to gain access to your corporate network. The attack is completely outside of your control and uses a combination of social engineering and phishing techniques. (more…)
PRIVACY VS SECURITY – WHAT’S THE DIFFERENCE?
By Chris Cronin, ISO 27001 Auditor, Partner
The ever-increasing demands from laws and regulations to protect personal information comes with confusion about what exactly our protection responsibilities are. One source of that confusion is in the use of the terms “privacy” and “security.” While “privacy” and “security” are both common terms used in laws, regulations, and security standards, they mean very different things and they are managed very differently. In fact, the difference between the two has a lot to do with what organizations are capable of controlling. (more…)