Vendor Risk Management Hype Extends Beyond Target®
The Target® Breach in November 2013 lives infamously in our memories and has served as a pivot point for all businesses with regard to third party vendor management (TPRM). After all, who could have imagined that the giant retailer would have been breached through a seemingly insignificant (more…)
Network Penetration Testing: What’s the Ideal Frequency to Conduct Pen Tests?
Some companies test once a year. Some test several times a year. So what frequency is correct for your organization? Well that all depends on how frequently your environment changes and other unique factors affecting your organization. When determining how often to conduct network penetration tests, consider the following:
Why A Penetration Test ≠ An Automated Vulnerability Scan
Both penetration tests and automated vulnerability scans are useful tools for managing vulnerabilities. While these are different testing methods, they are complementary and both should be performed. (more…)
Expecting the Unexpected, Removing Fear From a Security Incident
Once again another company is on the heels of a massive data breach where intellectual property, customer records, private information, you-name-it, has been compromised, a security incident. The recent news of Adobe Systemsi where a malicious entity stole intellectual property and accessed millions of credit card numbers is another case where “if (more…)
Why are Hackers Heckling the Director of the NSA?
The Hackers Heckling. The Black Hat convention is under way today in Las Vegas, and there, before a group of information-security-minded individuals, stood General Keith Alexander, Director of the NSA, getting heckled by conference attendees. Their complaints were targeted at the NSA’s surveillance activities and Director Alexander’s dubious testimony to Congress about those activities. (more…)
Higher Education (sampled colleges and universities) is a Prime Target for Security Breaches
FOR IMMEDIATE RELEASE
HALOCK Investigation finds that 25% of sampled colleges and universities are putting student and parent private financial data at risk
So you’ve been hacked… now what?
The other day I met with an executive whose company had recently been hacked. He looks me in the eye and says, “It’s like I paid someone to punch me in the face…Repeatedly!” Getting breached is a huge pain that costs a lot of money, productivity, time and your reputation can suffer as well. The simple fact that there was nearly an 80% (more…)
Incident Response Readiness-Ready for a breach?
Incident Response Readiness – Is your organization ready for a breach? Have you ever undergone a breach? Is there a breach going on right now? Or, ahem… have you undergone a breach and were not even aware that it occurred? Yikes… (more…)
Advanced Malware – Assume the Worst
With advanced malware these days, you’ve got to assume you’re probably already infected. Typical testing methods, though good for spotting vulnerabilities, may not find the malware already lurking in your environment. (more…)