Archive for 'Controls' Category
New Attacks Target Multi-Factor Authentication
By Vigilize - Last updated: Monday, October 17, 2022
Microsoft, Cisco and Uber are among the companies hit by this new threat… An article review. As more organizations adopt multi-factor authentication to help safeguard their systems hackers have adapted, and several major corporations have been among those hit by this new style of attack. This new technique, called MFA Fatigue or Push Spamming, involves […]
Why Awareness Training Should Go Beyond Your Own Services
By Vigilize - Last updated: Monday, September 19, 2022
With nearly three in four people using third-party payment services tied to their bank accounts, the risk isn’t limited to your own policies and procedures… An article review. When working on cybersecurity awareness messages for your customers you may be inclined to focus on your own systems, but a new study on security in digital […]
An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet
By Adam Reynolds - Last updated: Monday, July 26, 2021
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
A Cloud Security Reminder
By Vigilize - Last updated: Monday, July 19, 2021
Many organizations still fail to consider the unique risks posed by cloud computing… An article review. Last month thousands of Western Digital MyCloud device owners learned about the risks of cloud-based solutions the hard way: their data had been wiped remotely due to a flaw in the internet-facing component of their external hard drives. While […]
NSA and CISA Issue New Guidance on DNS
By Vigilize - Last updated: Monday, March 8, 2021
Implementing Protective DNS could help your organization avoid attack… An article review. Noting the risks still associated with the Domain Name System (DNS), the National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidance on the selection and use of a Protective DNS service (PDNS). The guidance, released in […]
The Problem with Cybersecurity Insurance
By Vigilize - Last updated: Monday, February 8, 2021
The cybersecurity industry faces challenges, and some of them may involve your business… An article review. In a world where threats to your organization’s electronic assets are constantly emerging and evolving a cybersecurity insurance policy can help mitigate risk…but what kind of risk does the cybersecurity insurance industry face? A new article in the Harvard […]
SolarWinds Incident
By Vigilize - Last updated: Tuesday, December 15, 2020
infotex does not use SolarWinds… We are protecting our Clients! Another blog post meant to inspire thought about IT Governance . . . . To all infotex managed security service Clients: As recently reported by major news outlets there is currently an ongoing attack on SolarWinds Orion network monitoring software builds released between March and June […]
Technology Planning 2020 Webinar
By Vigilize - Last updated: Tuesday, October 20, 2020
Welcome Webinar Attendees! You can download the deliverables by clicking on the link below. Boilerplates/Handouts Click here to download files.
2020 Technology Planning Webinar
By Vigilize - Last updated: Tuesday, October 6, 2020
Thanks for being interested in our Technology Planning Webinars! This year‘s annual webinar on the subject will include a review of the previous years’ movies that are already available, and a discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels. Below is the 2020 Technology Planning movie! We will be […]
Four Risk Appetite Statements
By Dan Hadaway - Last updated: Thursday, June 6, 2019
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]
Microsoft, Cisco and Uber are among the companies hit by this new threat… An article review. As more organizations adopt multi-factor authentication to help safeguard their systems hackers have adapted, and several major corporations have been among those hit by this new style of attack. This new technique, called MFA Fatigue or Push Spamming, involves […]
With nearly three in four people using third-party payment services tied to their bank accounts, the risk isn’t limited to your own policies and procedures… An article review. When working on cybersecurity awareness messages for your customers you may be inclined to focus on your own systems, but a new study on security in digital […]
An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet
By Adam Reynolds - Last updated: Monday, July 26, 2021
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
A Cloud Security Reminder
By Vigilize - Last updated: Monday, July 19, 2021
Many organizations still fail to consider the unique risks posed by cloud computing… An article review. Last month thousands of Western Digital MyCloud device owners learned about the risks of cloud-based solutions the hard way: their data had been wiped remotely due to a flaw in the internet-facing component of their external hard drives. While […]
NSA and CISA Issue New Guidance on DNS
By Vigilize - Last updated: Monday, March 8, 2021
Implementing Protective DNS could help your organization avoid attack… An article review. Noting the risks still associated with the Domain Name System (DNS), the National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidance on the selection and use of a Protective DNS service (PDNS). The guidance, released in […]
The Problem with Cybersecurity Insurance
By Vigilize - Last updated: Monday, February 8, 2021
The cybersecurity industry faces challenges, and some of them may involve your business… An article review. In a world where threats to your organization’s electronic assets are constantly emerging and evolving a cybersecurity insurance policy can help mitigate risk…but what kind of risk does the cybersecurity insurance industry face? A new article in the Harvard […]
SolarWinds Incident
By Vigilize - Last updated: Tuesday, December 15, 2020
infotex does not use SolarWinds… We are protecting our Clients! Another blog post meant to inspire thought about IT Governance . . . . To all infotex managed security service Clients: As recently reported by major news outlets there is currently an ongoing attack on SolarWinds Orion network monitoring software builds released between March and June […]
Technology Planning 2020 Webinar
By Vigilize - Last updated: Tuesday, October 20, 2020
Welcome Webinar Attendees! You can download the deliverables by clicking on the link below. Boilerplates/Handouts Click here to download files.
2020 Technology Planning Webinar
By Vigilize - Last updated: Tuesday, October 6, 2020
Thanks for being interested in our Technology Planning Webinars! This year‘s annual webinar on the subject will include a review of the previous years’ movies that are already available, and a discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels. Below is the 2020 Technology Planning movie! We will be […]
Four Risk Appetite Statements
By Dan Hadaway - Last updated: Thursday, June 6, 2019
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
Many organizations still fail to consider the unique risks posed by cloud computing… An article review. Last month thousands of Western Digital MyCloud device owners learned about the risks of cloud-based solutions the hard way: their data had been wiped remotely due to a flaw in the internet-facing component of their external hard drives. While […]
NSA and CISA Issue New Guidance on DNS
By Vigilize - Last updated: Monday, March 8, 2021
Implementing Protective DNS could help your organization avoid attack… An article review. Noting the risks still associated with the Domain Name System (DNS), the National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidance on the selection and use of a Protective DNS service (PDNS). The guidance, released in […]
The Problem with Cybersecurity Insurance
By Vigilize - Last updated: Monday, February 8, 2021
The cybersecurity industry faces challenges, and some of them may involve your business… An article review. In a world where threats to your organization’s electronic assets are constantly emerging and evolving a cybersecurity insurance policy can help mitigate risk…but what kind of risk does the cybersecurity insurance industry face? A new article in the Harvard […]
SolarWinds Incident
By Vigilize - Last updated: Tuesday, December 15, 2020
infotex does not use SolarWinds… We are protecting our Clients! Another blog post meant to inspire thought about IT Governance . . . . To all infotex managed security service Clients: As recently reported by major news outlets there is currently an ongoing attack on SolarWinds Orion network monitoring software builds released between March and June […]
Technology Planning 2020 Webinar
By Vigilize - Last updated: Tuesday, October 20, 2020
Welcome Webinar Attendees! You can download the deliverables by clicking on the link below. Boilerplates/Handouts Click here to download files.
2020 Technology Planning Webinar
By Vigilize - Last updated: Tuesday, October 6, 2020
Thanks for being interested in our Technology Planning Webinars! This year‘s annual webinar on the subject will include a review of the previous years’ movies that are already available, and a discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels. Below is the 2020 Technology Planning movie! We will be […]
Four Risk Appetite Statements
By Dan Hadaway - Last updated: Thursday, June 6, 2019
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]
Implementing Protective DNS could help your organization avoid attack… An article review. Noting the risks still associated with the Domain Name System (DNS), the National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidance on the selection and use of a Protective DNS service (PDNS). The guidance, released in […]
The cybersecurity industry faces challenges, and some of them may involve your business… An article review. In a world where threats to your organization’s electronic assets are constantly emerging and evolving a cybersecurity insurance policy can help mitigate risk…but what kind of risk does the cybersecurity insurance industry face? A new article in the Harvard […]
SolarWinds Incident
By Vigilize - Last updated: Tuesday, December 15, 2020
infotex does not use SolarWinds… We are protecting our Clients! Another blog post meant to inspire thought about IT Governance . . . . To all infotex managed security service Clients: As recently reported by major news outlets there is currently an ongoing attack on SolarWinds Orion network monitoring software builds released between March and June […]
Technology Planning 2020 Webinar
By Vigilize - Last updated: Tuesday, October 20, 2020
Welcome Webinar Attendees! You can download the deliverables by clicking on the link below. Boilerplates/Handouts Click here to download files.
2020 Technology Planning Webinar
By Vigilize - Last updated: Tuesday, October 6, 2020
Thanks for being interested in our Technology Planning Webinars! This year‘s annual webinar on the subject will include a review of the previous years’ movies that are already available, and a discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels. Below is the 2020 Technology Planning movie! We will be […]
Four Risk Appetite Statements
By Dan Hadaway - Last updated: Thursday, June 6, 2019
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]
infotex does not use SolarWinds… We are protecting our Clients! Another blog post meant to inspire thought about IT Governance . . . . To all infotex managed security service Clients: As recently reported by major news outlets there is currently an ongoing attack on SolarWinds Orion network monitoring software builds released between March and June […]
Welcome Webinar Attendees! You can download the deliverables by clicking on the link below. Boilerplates/Handouts Click here to download files.
2020 Technology Planning Webinar
By Vigilize - Last updated: Tuesday, October 6, 2020
Thanks for being interested in our Technology Planning Webinars! This year‘s annual webinar on the subject will include a review of the previous years’ movies that are already available, and a discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels. Below is the 2020 Technology Planning movie! We will be […]
Four Risk Appetite Statements
By Dan Hadaway - Last updated: Thursday, June 6, 2019
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]
Thanks for being interested in our Technology Planning Webinars! This year‘s annual webinar on the subject will include a review of the previous years’ movies that are already available, and a discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels. Below is the 2020 Technology Planning movie! We will be […]
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]