1.888.749.9800

Blog

  • Permalink Gallery

    Important Tip for Companies Looking to Protect Unstructured Data

Important Tip for Companies Looking to Protect Unstructured Data

Most companies are very good at protecting data that they know about and consider sensitive – they restrict access to the HR systems where compensation data is available.  They put access controls and monitoring procedures on systems that store critical intellectual property like formulas or key financial analytics.

Typically, they have formal policies and associated technology […]

By |October 19th, 2016|Blog, Security Breach|Comments Off on Important Tip for Companies Looking to Protect Unstructured Data

Important Sources of Threat Intelligence for Security Teams

The goal of threat intelligence (TI) is to recognize indicators of attacks as they progress and act upon those indicators in a timely manner. TI is not a mature area for most organizations.

While tools to automate TI exist and are evolving, most organizations are still using informal ad hoc mechanisms or a small number […]

By |September 26th, 2016|Blog, Security Breach|Comments Off on Important Sources of Threat Intelligence for Security Teams

Cybersecurity Responsibilities for SMBs

Cybersecurity is a topic that many small and most medium-sized businesses care about due to all of the news stories about data breaches, identity theft, and ransomware that have appeared in the last several years.  Some small and medium-sized businesses have realized that having a strong cybersecurity program can be a strategic asset for their particular market […]

By |September 9th, 2016|Blog, Security Breach|Comments Off on Cybersecurity Responsibilities for SMBs

Cybersecurity by Segregation

With recent news of Singapore disconnecting its government networks from internet access, and now requiring civil servants to use separate computers, I was asked to comment on the security issues this cybersecurity segregation will cause.

Deciding to disconnect from the Internet is clearly a difficult decision and more than likely a result of a reaction to […]

By |August 23rd, 2016|Blog, Security Breach|Comments Off on Cybersecurity by Segregation

IoT Hidden Security Risks

While the security of IoT devices is a growing area of concern for the enterprise, the biggest IoT risk for businesses is if they decide to react to IoT issues rather than plan and prepare for them. Everybody knows that the earlier in a cycle you can deal with a problem, the less expensive it […]

By |August 10th, 2016|Blog, Security Breach|Comments Off on IoT Hidden Security Risks

Reducing the Risks of Shadow IT

I was recently asked to comment on what businesses can do to reduce the security risks of Shadow IT. To read the full article click here and if you just want to read my comments – see below.

Plain talk shadow IT exists when corporate IT is failing in a fundamental way.

Weve seen currency traders set up […]

By |July 19th, 2016|Blog, BYOD|Comments Off on Reducing the Risks of Shadow IT
  • Permalink Gallery

    DNS: How it Works and Best Practices to Defend Against DNS-based Threats

DNS: How it Works and Best Practices to Defend Against DNS-based Threats

The Domain Name System (DNS) is a central element in the addressing and routing of all communication over the Internet. Many enterprise IT security professionals don’t always know how DNS works, or how attackers might use it to compromise their data. Following is a discussion about recent attacks and exploits that use DNS and some best practices for defending […]

By |July 6th, 2016|Blog|Comments Off on DNS: How it Works and Best Practices to Defend Against DNS-based Threats

The Dangers of Wireless Technology on the Road

How to Protect Your Data in Airports, Coffee Houses, and Hotels

In a recent interview, I was asked a series of questions about the dangers of wireless technology on the road. I’d like to share my responses here as to ways that travelers can protect their data when hooking up to “free” wireless technology in airports, […]

By |June 13th, 2016|Blog, Security Breach|Comments Off on The Dangers of Wireless Technology on the Road

Cyber Warfare Exercise: part two

There are only two certainties in a company’s life: Taxes and your network will be hacked.

I recently returned from the 15-day cyber warfare exercise hosted by the Massachusetts Army National Guard.  Attendees included soldiers and airmen from Vermont, New Hampshire, Maine, Massachusetts, Connecticut, and Rhode Island as well as personnel from private organizations such as […]

By |June 6th, 2016|Blog, Penetration Testing, Security Breach|Comments Off on Cyber Warfare Exercise: part two

Protecting Data from Cyber Thieves

Getting hacked is one of the most feared outcomes for anybody who is doing business on or through the Internet. The bad news is there are always people trying to hack systems and get access to sensitive, private or confidential data. The good news is that the tips a financial advisor should follow to safeguard sensitive client […]

By |May 23rd, 2016|Blog, Security Breach|Comments Off on Protecting Data from Cyber Thieves

Teacup Tempests

A recent data breach scare highlights the importance of carefully evaluating news reports of data breaches before reacting. Reuters (followed by many others) broke a story relating how 272 million account credentials – including Gmail, Microsoft and Yahoo! Email – had been exposed. “Change your password now!” read the headlines. Time to react, right?

Or not. […]

By |May 10th, 2016|Blog, Security Breach|Comments Off on Teacup Tempests

Cyber Warfare Exercise

cyberwarriorIn the next few weeks I will be participating in an intensive 15-day cyber warfare exercise hosted by the Massachusetts Army National Guard.  This exercise is conceptualized around a cyber attack affecting critical infrastructure in the Northeast with an emphasis on public and private collaboration.

I will be working on a “Red […]

By |May 5th, 2016|Blog, Penetration Testing|Comments Off on Cyber Warfare Exercise

The Internet of Things (IoT); what’s to worry about?

Submitted by Brad Johnson and Paul Hill

There is no doubt that the concept of the Internet of Things (IoT), a term that’s been around since 1999 from an Auto-ID Center project at MIT, is gathering huge momentum and will be stampeding into your world whether you are ready for it or not. IoT is simply […]

By |April 29th, 2016|Blog, Security Breach|Comments Off on The Internet of Things (IoT); what’s to worry about?
  • Permalink Gallery

    Is the Panama Paper leak saying anything new about IT security?

Is the Panama Paper leak saying anything new about IT security?

The Panama Paper leak is an example of a whistleblower situation. Clearly, some of those types of situations have been seminal events that have shaped history, policies and perceptions: e.g., Daniel Ellsberg and the Vietnam War, “Deep Throat” and Watergate, and Julian Assange of WikiLeaks to name a few. The up-side of these is that it creates a degree […]

By |April 20th, 2016|Blog, Security Breach|Comments Off on Is the Panama Paper leak saying anything new about IT security?

What’s Ethical Hacking?

Often in social situations, when people ask what I do for living, I have to pause for a moment.  If I want to deflect the conversation, I just say “computer security” and their eyes usually glaze over and we move on to other topics.  However, if I’m honest and say “ethical hacking,” this invariably arouses more interest. […]

By |April 7th, 2016|Blog, Penetration Testing|Comments Off on What’s Ethical Hacking?