Our Blog


RESULTS FOR: Cyber Security

The SEC has new Cybersecurity Rules. Are you prepared and ready?

August 16, 2023 | Compliance Cyber Security

On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions.  Additionally, public companies will be required to provide annual disclosures regarding cybersecurity governance and risk management in order to be more transparent about their cybersecurity posture. These rules become effective in December 2023 and will influence both compliance costs and the potential for enforcement actions.

Companies and entities subject to these rules Read More

Shielding Your Workforce: Strategies for Safeguarding Employees during Mass Layoffs and High-Profile Terminations

March 29, 2023 | Cyber Security

The recent wave of mass layoffs has created an uptick in protests and demonstrations by those affected. In some cases, pay and benefit cuts in lieu of layoffs have also resulted in significant repercussions, as evident by the 700-day Warrior Met Coal strike in Alabama. Unfortunately, some have led to violence or even death, as with the five killed during the 2019 shooting at the Henry Pratt Company in Aurora, Illinois.

The impact on safety:

Bloomberg editor, Sarah … Read More

Forget Spy Balloons – The Bigger Threat is TikTok

March 22, 2023 | Cyber Security Monitoring Privacy Risk + Compliance

After the downing of the Chinese spy balloon by U.S. Forces in early February 2023, several additional objects have been identified over U.S. and Canadian airspace. While officials have denied that these were additional spy balloons, many have questioned what information was collected by these aerial spy devices, and for what purposes. Even though this is significant to national security, most citizens aren’t personally worried about this breach of privacy.

We suggest that an even greater threat to the average … Read More

The Secret to Protecting Your Digital Identity: Opt-Outs

February 7, 2023 | Cyber Security

When I first got into the privacy space several years ago, I had a basic understanding that the biggest, single source “leak” of personal data is the person themself. People were using poor security settings for online accounts, oversharing on social media, and reusing the same username and password for multiple sites. All that made sense. What I was not expecting, though, was just how many different entities are collecting your data without your knowledge/awareness.

Let’s consider two common government … Read More

Social Media Unmasking: Removing Anonymity from Digital Bullies and Cyber Criminals

May 18, 2022 | Cyber Security

Whether or not Elon Musk’s recent acquisition of Twitter is a good thing or bad thing for the future of social media (Twitter accepts buyout, giving Elon Musk total control of the company – The Verge), one aspect of social media is unlikely to change: the abuse of social media platforms, by seemingly anonymous users, to harass, threaten, disparage, humiliate, scam, or falsely accuse individuals or companies of a panoply of hot button social issues. Often times, … Read More

Education sector communication considerations and network implications brought to light by COVID

April 21, 2022 | Cyber Security Design + Engineering Security Consulting

The pandemic has thrown school districts and community colleges quite a few curve balls including, at times, seeing their campuses devoid of students and regular day-to-day activity. During this time, we’ve seen our education clients adjust the focus of their security and safety programs and place renewed emphasis on improving mass notifications capabilities. It has been particularly interesting, and to some degree surprising, to see the number of educational institutions that operate with non-functional mass notification equipment, network-based equipment with … Read More

After Standing Vacant During the Pandemic Lockdown, Is Your Office Environment Safe from a Physical and Cybersecurity Perspective?

March 3, 2021 | Cyber Security

As the roll out of COVID-19 vaccines picks up steam, business leaders should begin considering remobilization and the physical return of employees to the workplace. Before opening your doors, however, it is important to consider where your security environment stands.

Before the pandemic lockdown, many businesses operated with robust physical security programs and cyber hardening measures that placed an emphasis on maintaining the safety and security of their people, and a focus on preventing outsider threats from penetrating critical network … Read More

The Ransomware Payment Risk

January 27, 2021 | Cyber Security Risk + Compliance

Deciding whether or not to pay off a criminal that has crippled your organization’s operations with ransomware is a painful undertaking.  It is a crucial decision that must be made at a time often described as “pure chaos.” Management, attorneys, IT staff, incident response/digital forensics experts, the communications team, insurance companies and others all take part in addressing the crisis with an eye toward restoring operations to normal as quickly as possible.  Time is of the essence.  When technical recovery … Read More

Cyber Attackers Choose the Path of Least Resistance: The Education Sector

August 13, 2019 | Cyber Security

From private schools to K-12 school districts and from learning centers to universities, cyber attackers have expanded their targets to include the numerous entities that make up the education sector.  Their ultimate goals remain the same: obtain sensitive information, hold these institutions (staff, faculty, students) as ransomware hostages and/or steal financial records to resell on the black market.

It is not surprising that cyber attackers have chosen to feed on this sector. This target is typically viewed by cyber attackers … Read More

Practical Tips for IoT Security – A Readiness Refresher Guide

June 19, 2018 | Cyber Security

The Internet-of-Things (IoT) revolution has certainly taken the “cyberspace” by storm. Newly manufactured devices today must be network-ready (hardwired and wireless, to include Bluetooth, RFID, etc.). This explosion of IoT devices has presented a “nervous” feeling concerning InfoSec, compliance and privacy within companies as well as consumers who want to use these products confidently and ensure that they will not introduce any new or expanded attack surface for malicious threats targeting their network(s) and critical information. What can be done

Read More