Leading Cybersecurity from the Top of your Company – A CEO’s Role in Setting the Tone

There are no 100% guarantees in information security. We all talk about it.  Often, we turn to technical solutions to solve security problems. For each solution, someone can offer a reason it won't work. Far too often we end up declaring "breaches are inevitable."  This is where many firms throw…

Launch an Information Security Program for any Size Team – Cybersecurity Tips from the Pros

In what has become a “tip of the iceberg” wave of security breach reporting, most companies suffer the effects quietly. Each year we look back on countless examples of large and small companies falling victim to cyber security breaches. While the largest cases (often with tens…

Avoid Cybersecurity Risk in Mergers and Acquisition with these Top Strategies

Since significant M&A due diligence activity centers on valuation, both of the asset today (point in time) and as an ongoing source of positive economic activity, risk assessment has long been a foundation of transactions. The dawning realization among [some] M&A due diligence teams is that risks…

Shocked by False Security in Medical Records Software – The Rough Edges of Encryption Claims

Recently, the Federal Trade Commission (FTC) announced a $250,000 fine and a Consent Order with Henry Schein over misleading claims about encryption in their software. If we're honest, for the average consumer it’s not even a blip on the radar. That changes when we're talking about a child's health records. I've…

Start Crushing Cyber Risk in your Company Now

I attended a Cyber Security presentation this morning organized by a leading insurance and benefits provider with offices in St. Louis. They brought together speakers representing brokers, wholesale as well as accounting and audit to discuss cyber security with business owners. As they build momentum around cyber-liability offerings, it’s becoming clear…

Cybersecurity Assessments that Work for You – Three Techniques to Find (and Eliminate) Risks

If you have the curiosity and time, I recommend reviewing NIST Special Publication 800-115, "Technical Guide to Information Security Testing and Assessment". In addition to being 80 pages of excitement and fun, this document provides us with rich details on testing information technology systems using a consistent approach. For the sake…

Wireless Risks will Wreck your Day – Pick Secure HotSpots and Watch for the Signs

At work, home, or in public, everyone is exposed to threats while using WiFi on their phones, tablets or computers. Fortunately, many Wi-Fi risks can be mitigated easily. "Open" hotspots create an immediate risk of eavesdropping with few barriers, but even secured networks in public can compromise the path between…

Usual Suspects – Let’s Play Patch or Pitch

Updated: This is an outdated list, but I leave it here as a reminder. Software security has a half-life. That half-life is the combination of how long it takes for an attacker to find a weakness, for an exploit to be developed, and for you to realize it's…
