Archive

“While accountability starts with the CEO and corporate board, cybersecurity is a shared responsibility across every function and level of an organization.”

HALOCK supporting the compassionate work of Lurie Children’s Hospital.

Schaumburg firm HALOCK celebrates over 20 years as an information security firm at the annual outing at Arlington Park. This year is quite special, as HALOCK co-developed with CIS® (Center for Internet Security), CIS RAM, an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls cybersecurity best practices.

The NetDiligence® CyberRisk Summit features leading experts in cybersecurity and cyber risk management participating in comprehensive panel discussions on hot topics, current issues and evolving trends in the cyber risk management industry.

It was the right thing to do

My employer, HALOCK Security Labs, just gave away our highly valuable intellectual property. For years, we have been developing and improving a method for assessing cyber risk that acts as a universal translator for executives, regulators, judges, attorneys, and subject matter experts. The method, “Duty of Care Risk Analysis” has been very advantageous to us as we described our services to our clients.

HALOCK investigated 63 U.S. mortgage lenders and found that over 45 (70%) permitted applicants to send personal and financial information over unencrypted email as email attachments. This information includes tax documents and W-2′s. Eight out of the eleven top U.S. lenders were found to allow for the same unsecure practices as smaller lenders. Additionally, nearly 70% of the surveyed lenders encourage faxing sensitive data, which may reduce risks of breach, but are still not as secure as encryption.

In a recent study conducted by HALOCK Security Labs, a cyber security consulting firm based in Schaumburg, Ill., it was discovered that seven out of 10 mortgage companies allow information-sharing practices that put your personal and financial data at grave risk.

According to Terry Kurzynksi, founder and senior partner of HALOCK, “the entire [real estate industry] ecosystem is bad.” Kurzynski used Experian’s (one of the three major credit bureaus) recent involvement in an identity theft scheme affecting 500,000 Americans as an example.

CIS® recently released CIS RAM (Center for Internet Security Risk Assessment Method). CIS RAM is an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls cybersecurity best practices.  Developed by HALOCK Security Labs in partnership with CIS, CIS RAM provides three separate security approaches to support different levels of organizational capability.

A panel including Greg Johnson, Vice President and Assistant General Auditor of the Federal Reserve Bank and Chris Conin, a Partner in Halock Security Labs discussed the CIS Controls V7.

by Glenn A. Stout Ph.D., CISM, GSEC, PMP

As families prepare to take to the beaches, resorts and other vacation spots all over the world, bad actors area also preparing their various attacks on the unsuspecting.