Cyber Risk Management Solutions
844-411-0404

Reduce Your Threat Landscape. Subscribe Today.

Subscribe

Topics

Is My Company Secure?

Saying “My company is secure” is like saying “My team scored 27 tonight”. The metric doesn’t matter if you have nothing to compare it against. Enter the framework.

A framework is a standardized methodology for selecting, implementing, testing, and maintaining a set of security metrics, also called security controls. There are many frameworks to choose; NIST, ISO, NERC, PCI, etc., etc. The point is that you want to compare yourself against a known yardstick.

read more

How to Fine-Tune a SIEM

It’s no longer a matter of IF, but WHEN you will be attacked; companies similar to yours are experiencing breaches daily. Regardless of the size of your business, we are all a potential target for a hacker.

Enter the SIEM. You’ve selected the technology, implemented it, and are now collecting all the data on all security events that happen within your infrastructure

read more

Watch On-Demand: How to Prepare for GDPR

GDPR, or General Data Privacy Regulation, will come into force on 25 May 2018. GDPR requires organizations to maintain a plan to detect data breaches, regularly evaluate the effectiveness of security practices, and document evidence of compliance.

read more

SIEM Use Cases: The Top 4 Reasons to Outsource

Given different challenges facing security departments, security monitoring is vital. Security professionals now feel the deck is stacked against them as cybercriminals continue to attack. Many organizations are outsourcing to third-party vendors for faster and better detection.

read more

March 2018 Data Breach Update

The business sector was the leader for the number of breaches in March 2018 with 45 breaches. These are breaches that are confirmed through media sources and/or notifications from state governmental agencies. The medical/healthcare industry had the second highest percentage of recorded breaches at 21 percent (19 breaches).

read more

Patching the Meltdown Patch

Do you remember the Meltdown and Spectre vulnerabilities that exploited critical vulnerabilities in modern processors in January 2018? It turns out the patch that Microsoft created for Meltdown could be worse than the original Meltdown vulnerability. Ulf Frisk, a Swedish penetration tester, warns in his blog:

read more

SamSam Strikes Again

SamSam, a ransomware that hackers use in targeted attacks, strikes again – this time shutting down the City of Atlanta. Hackers using SamSam usually scan the Internet for computers with open RDP connections. Attackers break their way into large networks by brute-forcing these RDP endpoints and then spread to even more computers. Once they have a sufficiently strong presence on the network, attackers deploy SamSam and wait for the victim organization to either pay the ransom demand or boot them off their network.

read more

Healthcare Industry: Protected Healthcare Information Update

PHI data or Protected Healthcare Information data is a big deal for security people in the healthcare industry. Protected health information (PHI) under the US law is any information about health status, provision of health care, or payment for health care that is created or collected by a Covered Entity (or a Business Associate of a Covered Entity) and can be linked to a specific individual. 

read more

Defining Reasonable Cybersecurity

Have you considered the legal ramifications of a potential data breach if your organization is hacked? Let’s look at the Equifax breach. The most recent headline was about the insider-trading charges that were brought against a former employee. He sold stock and options after learning of the massive data breach at the credit reporting agency. What’s next for Equifax?

read more