1.888.749.9800

Yearly Archives: 2014

Tips to Making Passwords Stronger

Following up on Jon’s recent post looking at changes enterprises can make to achieve security serenity, I’d like to offer some specific tips on how to make stronger passwords and some general online account safety advice.

  • Use a unique mix of character types (both letters and numbers) and capitalization in your password – the use of varied characters (*&^%$#) and […]
By |December 29th, 2014|Blog|Comments Off on Tips to Making Passwords Stronger
  • Permalink Gallery

    Seven Changes Your Enterprise Can Make to Achieve Security Serenity Now

Seven Changes Your Enterprise Can Make to Achieve Security Serenity Now

As the year comes to a close I wanted to take this opportunity to offer tips to help achieve security serenity. The best security technologies can be undone in a moment through poor user practice. In addition to the obvious instructions to users to choose high quality passwords and not to share them, I’d like to outline some Internet […]

By |December 19th, 2014|Blog|Comments Off on Seven Changes Your Enterprise Can Make to Achieve Security Serenity Now

Defending Big Data

SC Magazine’s Stephen Lawton recently interviewed me for the publication’s latest eBook Defending Big Data, looking at the big business of Big Data. During our conversation, I talked about how Big Data can create big problems for CISOs, because it is a major target for cyber criminals seeking to steal proprietary information, intellectual property and government information. I’m quoted […]

By |November 18th, 2014|Big Data, Blog|Comments Off on Defending Big Data

Defending Big Data: An SC Magazine ebook

by Stephen Lawton, editor, November 17, 2014 – Click here to download the entire ebook. (Following is an excerpt from SC magazine.)

Additional layers of identity credential access management could identify and stop a potential breach. Some enterprises, such as the NSA, are finding that migrating to the cloud aids in the […]

By |November 17th, 2014|News & Events|Comments Off on Defending Big Data: An SC Magazine ebook

Keeping Your Business Data Safe from Holiday Hackers

by Nicole Fallon, Business News Daily Assistant Editor   |   November 13, 2014 

In the wake of the recent string of corporate data breaches, businesses are more alert than ever about cybersecurity. Right now, many of them are also gearing up for the busy holiday shopping season, which brings more opportunities for hackers […]

By |November 13th, 2014|News & Events, PCI Compliance|Comments Off on Keeping Your Business Data Safe from Holiday Hackers
  • Permalink Gallery

    27 Data Security Experts Reveal The #1 Information Security Issue Most Companies Face With Cloud Computing & Storage

27 Data Security Experts Reveal The #1 Information Security Issue Most Companies Face With Cloud Computing & Storage

Digital Guardian, November 12, 2014

”What is the number one issue most companies face with cloud computing and data security, and what can they do to address the issue?”

Cloud computing is quickly becoming a mainstay for many technology companies today because of its superior flexibility, accessibility, and capacity compared to traditional online computing and storage methods. […]

By |November 12th, 2014|ISO 27002, News & Events, Uncategorized|Comments Off on 27 Data Security Experts Reveal The #1 Information Security Issue Most Companies Face With Cloud Computing & Storage
  • Permalink Gallery

    #1 Issue Companies Face with Cloud Computing and Data Security

#1 Issue Companies Face with Cloud Computing and Data Security

For companies purchasing cloud services, the number one priority should be how to evaluate the risk of using a particular vendor.

Many companies don’t have a solid process for determining how to evaluate a third party cloud vendor for risks nor how to assess the likelihood of a breach at a third party.  Too often, if a company does attempt […]

By |November 6th, 2014|Blog, ISO 27002|Comments Off on #1 Issue Companies Face with Cloud Computing and Data Security

Steps SMBs Should Take to Protect Their Data

With security breaches continuing to dominate the news, I’d like to take this opportunity to share my response to a recent Q&A addressing the steps small businesses should take to protect their data against security breaches. 

1.  What steps should small businesses take to protect their data and e-commerce sites?

One of the most important steps is to tightly control access to […]

By |October 21st, 2014|Blog, Penetration Testing|Comments Off on Steps SMBs Should Take to Protect Their Data
  • Insider Threat
    Permalink Gallery

    Insider Threats – More Damaging In Today’s Highly Connected Society

Insider Threats – More Damaging In Today’s Highly Connected Society

Insider threat —  a problem that evolves and changes, but never goes away

Sam Greengard, a contributing writer to CIO Insight, recently posed the question of how business can prevent insider threats. This is a challenge for most business because they lack the ability to detect or deter them.  In Sam’s

By |October 17th, 2014|Blog, Penetration Testing|Comments Off on Insider Threats – More Damaging In Today’s Highly Connected Society

How to Prevent Insider Threats

Samuel Greengard, contributing writer for CIO Insight, October 15, 2014

Insider threats aren’t going away anytime soon. Unfortunately, most businesses say they lack the ability to detect or deter them, nor are they adequately prepared for how to respond.

Over the last few years, especially in the wake of former contractor Edward Snowden’s disclosures about the National Security […]

By |October 17th, 2014|ISO 27002, News & Events, Penetration Testing|Comments Off on How to Prevent Insider Threats
  • Permalink Gallery

    An Expert Guide to Securing Sensitive Data: 34 Experts Reveal the Biggest Mistakes Companies Make with Data Security

An Expert Guide to Securing Sensitive Data: 34 Experts Reveal the Biggest Mistakes Companies Make with Data Security

Digital Guardian, October, 8, 2014

“The #1 biggest mistake companies make when it comes to securing sensitive data”

Keeping sensitive information secure from theft and vulnerability in today’s digital world isn’t as easy as putting a lock on the file cabinet – especially with the widespread adoption of cloud computing. And […]

By |October 9th, 2014|News & Events, Penetration Testing|Comments Off on An Expert Guide to Securing Sensitive Data: 34 Experts Reveal the Biggest Mistakes Companies Make with Data Security

How Do I Secure Sensitive Data?

How do I secure sensitive data?  The first step is knowing where your sensitive data resides. Second is having set policies to systematically and consistently categorize the data and having controls in place to ensure that all categories of data are handled appropriately.

For example, if a company had a policy that said that any dataset that contain personally identifying […]

By |September 29th, 2014|Blog, Penetration Testing|Comments Off on How Do I Secure Sensitive Data?

7 more security tips for mobile users (Part II)

Joe Stangarone, writer,  MRCs Cup of Joe Blog, September 9, 2014

Summary: Users have notoriously bad security habits. The problem is, many of these users are now bringing their personal devices–and their poor security habits–into the workplace. Learn how these users can better protect themselves (and your data) with these simple tips.

By |September 9th, 2014|News & Events, Penetration Testing|Comments Off on 7 more security tips for mobile users (Part II)

6 Popular E-Commerce PCI DSS Compliance Myths Explained

by Daniel Humphries, Managing Editor for IT Security research firmSoftware AdviceAugust 27, 2014

PCI DSS compliance applies to any business that accepts credit cards, whether they’re e-commerce or physical merchants. After all, just because your storefront is made of pixels and not brick-and-mortar doesn’t mean the PCI council is any less interested in how […]

By |August 28th, 2014|News & Events, PCI Compliance|Comments Off on 6 Popular E-Commerce PCI DSS Compliance Myths Explained

Surviving a Breach

The Target breach is making many in the IT security field take a closer look at their company’s information security and compliance practices. I’d like to share here some of the questions and answers from a recent media interview looking at “How to Survive a Breach.”

1. Are most companies prepared for a cyber breach?

We find […]

By |August 28th, 2014|Blog, PCI Compliance, Penetration Testing|Comments Off on Surviving a Breach