Finding a Test for Reasonable Security Practices: Embrace Complexity and Specifics
September 29, 2020
A working group of the Sedona Conference has proposed a solid answer to these questions. By its own description, the Sedona Conference is a nonpartisan, nonprofit research and educational institute dedicated to the advanced study of specific law and policy, including privacy and data security law. The Conference has just published a set of commentary on a reasonable security test. The paper is worth reading.
Spirion, a data protection and compliance company based in St. Petersburg, Fla., launched its Global Alliance Partner Program
September 22, 2020
Spirion, a data protection and compliance company based in St. Petersburg, Fla., launched its Global Alliance Partner Program, which spans software developers, technology providers, systems integrators and solution providers. Partners will “extend the functionality” of Spirion’s Data Privacy Management Framework, according to the company. Solution provider members of the program include GuidePoint Security and Halock Security Labs, while technology partners include ContextSpace, Seclore and Tonic.
Spirion Unveils Global Alliance Partner Program
September 21, 2020
Establishes technology and solution provider partner ecosystem committed to strengthening personal data protection through best-in-class solutions. “Our collaboration with Spirion is one of HALOCK’s most strategic partnerships designed to address some of the most complex challenges related to data protection in large enterprise environments,” said Terry Kurzynski, HALOCK Security Labs Founding Partner. “Our alliance with Spirion extends our reach into understanding, controlling, and protecting what’s most important to our clients, their sensitive data.”
3 Templates for a Comprehensive Cybersecurity Risk Assessment
July 28, 2020
Based on the Duty of Care Risk Analysis (DOCRA) that many regulatory bodies rely on to ensure that organizations are delivering reasonable risk management practices to protect their customers and vendors, the CIS RAM aligns with the CIS Controls specifically and uses a simplified risk statement to benchmark the level of risk associated and determine a viable safeguard to mitigate risk.
Federal Trade Commission Aims to Ramp Up the Cybersecurity Efforts of Financial Institutions
July 14, 2020
The Federal Trade Commission is seeking to ramp up mandated cybersecurity efforts for financial institutions by altering the Gramm-Leach-Bliley Act’s Safeguards Rule, which requires financial institutions to develop, implement and maintain a comprehensive information security program.
Information Security and Financial Institutions: FTC Workshop to Examine Safeguards Rule
July 1, 2020
The Federal Trade Commission (FTC) released the final agenda for a July 13, 2020 virtual workshop that will seek input on proposed changes to the Gramm-Leach-Bliley Act’s Safeguards Rule, which requires financial institutions to develop, implement, and maintain a comprehensive information security program.
HALOCK partner will serve as a panelist during the 9:30am session: The Costs and Benefits of Information Security Programs.
How to Create Smarter Risk Assessments
July 29, 2019
8 Vulnerabilities Penetration Testers Recommend You Address in 2019
February 7, 2019
Penetration testers are the frontline witnesses on cyber threats and vulnerabilities. They continue to see the same weaknesses and vulnerabilities within the enterprises they examine. Below is a list of recommendations for you to be aware of in the year ahead.
HALOCK Helps Define “Reasonable” Risk: The Questions a Judge Asks You after a Data Breach
February 5, 2019
Chicago Tribune – HALOCK Security Labs is conducting an informative webinar to help establish ‘reasonable’ risk cybersecurity controls, based on the Duty of Care Risk Analysis (DoCRA) standard.
Do you know reasonable?
Enhance your security strategy to address your changing working environment and risk profile due to COVID-19. HALOCK is a trusted cyber security consulting firm and penetration testing company headquartered in Schaumburg, IL in the Chicago area servicing clients throughout the United States.
CRAIN’S Cyber Security Roundtable: Protecting Data in An Era of Vulnerability featuring Chris Cronin
October 23, 2018
Insightful discussion with Chicagoland information security experts in Crain’s Roundtable.
Cyber Security Summit: Chicago CIS RAM & Duty of Care
August 30, 2018
A key method that was showcased at the event was the practice of ‘duty of care’. That is, businesses should assess their security controls to ensure that all parties are protected from potential harm.
HALOCK Security Labs Pledges to Support National Cybersecurity Awareness Month 2018 as a Champion
August 20, 2018
Security Magazine: Who in an Organization is Responsible for a Data Breach?
August 2, 2018
“While accountability starts with the CEO and corporate board, cyber security is a shared responsibility across every function and level of an organization.” – article in Security Magazine. Read more on how information security professionals must be aligned when it comes to security safeguards.
June 19, 2018
HALOCK Annual Outing at Arlington Park
June 15, 2018
Schaumburg firm HALOCK celebrates over 20 years as an information security firm at the annual outing at Arlington Park. This year is quite special, as HALOCK co-developed with CIS® (Center for Internet Security), CIS RAM, an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls cyber security best practices.
NetDiligence® CyberRisk Summit
June 1, 2018
The NetDiligence® CyberRisk Summit features leading experts in cyber security and cyber risk management participating in comprehensive panel discussions on hot topics, current issues and evolving trends in the cyber risk management industry. HALOCK partner Chris Cronin moderates an expert panel discussion on reasonable risk.
Do you know reasonable?
Why a Chicago-Based Cyber Security Firm Just Released its Prized IP.
April 14, 2018
It was the right thing to do
My employer, HALOCK Security Labs, just gave away our highly valuable intellectual property. For years, we have been developing and improving a method for assessing cyber risk that acts as a universal translator for executives, regulators, judges, attorneys, and subject matter experts. The method, “Duty of Care Risk Analysis,” has been very advantageous to us as we described our services to our clients.
CIS RAM Puts the CIS Controls™ into Action
April 4, 2018
CIS® recently released CIS RAM (Center for Internet Security Risk Assessment Method); CIS RAM is an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls cybersecurity best practices. Developed by HALOCK Security Labs in partnership with CIS, CIS RAM provides three separate security approaches to support different levels of organizational capability.
CIS Controls™ Version 7 Launched
March 19, 2018
A panel including Greg Johnson, Vice President and Assistant General Auditor of the Federal Reserve Bank, and Chris Cronin, a partner in HALOCK Security Labs, discussed the CIS Controls V7. Learn more about the CIS Controls and risk assessment method, CIS RAM.
Your Spring Break Checklist: Cyber Edition
March 10, 2018
by Glenn A. Stout Ph.D., CISM, GSEC, PMP
As families prepare to take to the beaches, resorts and other vacation spots all over the world, bad actors are also preparing their various attacks on the unsuspecting. Use this vacation checklist to keep you cyber safe.