Our Blog

Insights

RESULTS FOR: Cyber Security

After Standing Vacant During the Pandemic Lockdown, Is Your Office Environment Safe from a Physical and Cybersecurity Perspective?

March 3, 2021 | Cyber Security

As the roll out of COVID-19 vaccines picks up steam, business leaders should begin considering remobilization and the physical return of employees to the workplace. Before opening your doors, however, it is important to consider where your security environment stands.

Before the pandemic lockdown, many businesses operated with robust physical security programs and cyber hardening measures that placed an emphasis on maintaining the safety and security of their people, and a focus on preventing outsider threats from penetrating critical network … Read More

Cyber Attackers Choose the Path of Least Resistance: The Education Sector

August 13, 2019 | Cyber Security

From private schools to K-12 school districts and from learning centers to universities, cyber attackers have expanded their targets to include the numerous entities that make up the education sector.  Their ultimate goals remain the same: obtain sensitive information, hold these institutions (staff, faculty, students) as ransomware hostages and/or steal financial records to resell on the black market.

It is not surprising that cyber attackers have chosen to feed on this sector. This target is typically viewed by cyber attackers … Read More

Practical Tips for IoT Security – A Readiness Refresher Guide

June 19, 2018 | Cyber Security

The Internet-of-Things (IoT) revolution has certainly taken the “cyberspace” by storm. Newly manufactured devices today must be network-ready (hardwired and wireless, to include Bluetooth, RFID, etc.). This explosion of IoT devices has presented a “nervous” feeling concerning InfoSec, compliance and privacy within companies as well as consumers who want to use these products confidently and ensure that they will not introduce any new or expanded attack surface for malicious threats targeting their network(s) and critical information. What can be done

Read More

Cybersecurity Governance Converging Around Common Principles

February 28, 2018 | Security Consulting

This February marks an important milestone in the evolution of cybersecurity regulation: entities regulated by the New York State Department of Financial Services (DFS) were required to submit their first annual certification of compliance with New York’s, first in the nation, cybersecurity regulation by February 15, 2018. This occasion provides a good opportunity to reflect upon the emerging trends in the world of cybersecurity governance.
Since companies often answer to multiple authorities, the possibility exists for overlapping and even conflicting
Read More

Managing Security Risk Across Your Enterprise

August 24, 2017 | Cyber Security

Cyber Security Cover with outlineManaging risk at the enterprise level involves close collaboration of the physical and information security functions, responsibilities and missions. This encompasses enhanced communications and information sharing between the information technology, operational technology and physical security groups. The combined joint security operations center (JSOC) can be the most effective way to manage security risks across the enterprise.

The following article, Multi-Vector Threats and the  Argument for Greater Convergence, written in conjunction with our strategic partners at Revolutionary Security, was recently … Read More

The Ransom is the Least of Your Worries

June 5, 2017 | Cyber Security

Wannacry is the latest herald of cyber-Armageddon. Countless computers all over the world were rendered useless. Data became encrypted and unavailable. Pay the ransom or kiss your data goodbye forever was the threat.

Wannacry spread around the world very rapidly, affecting service companies, manufacturers, national healthcare systems, governmental agencies and individuals. By one report, the perpetrators of Wannacry have earned about $50,000 through their ransom demands. This is not a huge payoff, but it may be enough to provide … Read More

Cyber Security Fast Facts for Law Firms

May 24, 2017 | Cyber Security

Applying some basic legal skills can be really helpful for law firms as they move forward with their cyber security priorities. Lawyers tackle new matters all the time and no two cases are alike. There are factual issues to master, legal research to conduct and a plan to prepare to guide the transaction of litigation. Making assumptions, even when based on past experience, can be a serious error for a lawyer. A fresh case requires a fresh mind.

That same … Read More

Are Law Firms In The Cyber Criminal’s Cross Hairs?

May 12, 2017 | Cyber Security

From the Panama Papers to the recent indictment of three Chinese nationals for insider trading using stolen M&A information, law firms have become a target for information theft.  In many cases, the targeted law firm represents clients that have made significant investments in their own cyber security, and adversaries recognize that their attorney’s networks are often a much softer target.  In addition to the cyber attacks in the news headlines, there are an increasing number of breaches occurring that are … Read More

Putting a Dangerous Horse Out to Pasture

May 4, 2016 | Cyber Security

One of antiquity’s most enduring legends is that of the Trojan Horse. The Greeks were unable to breach the walls of Troy after ten years of warfare and had apparently left the outskirts of the city.  Instead of their implacable enemy, the Trojans found outside their wall a giant wooden horse which they understood to be a tribute to their stout defenses left behind by the gods or the Greeks. The horse, as we all know, was actually filled with … Read More

The Coming of the Cyber Monitor

January 20, 2016 | Cyber Security Monitoring

Regulators, like prosecutors, are increasingly turning to independent monitors as a means of moving non-compliant entities into compliance. It appears certain that the appointment of independent monitors to enforce compliance with cybersecurity regulations will become common.  Several financial industry regulators are moving to establish cybersecurity standards with which financial institutions will have to comply just as they do with money laundering and other regulations.

This past November, the New York State Department of Financial Services issued a memorandum to numerous
Read More