New FBI statistics suggest compromised business email accounts have led to over 12 billion dollars in losses since 2013… An article review. So much attention has been paid to ransomware, botnets and other relatively recent developments that it’s easy to forget about some of the older threats that are still out there claiming victims. Our […]

While already happening in practice, the new legislation would officially make it one of the agency’s priorities. An article review. In an acknowledgment of what is recognized as a growing threat, legislation introduced recently in the House of Representatives would officially add industrial control systems to the Department of Homeland Security’s cybersecurity priorities. The bill, […]

A new study has identified the most profitable malware, showing just how much unprepared businesses have paid. An article review. Despite pleas from various experts and authorities, it looks like a significant number of organizations ultimately decide to pay the criminal organizations who have held their data hostage. That’s something that many people have probably […]

Risk isn’t the only thing to consider when planning a decision tree. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . During tuning, we’re sometimes asked, as we help our MSSP Clients establish a detailed decision tree (modify our default to their own situation), “are […]

While we’re not a news service, we often use current events to comment on trends and our services. This blog is intended to get people thinking about topics and trends in Technology Risk Management, through our article reviews, as well as through original blog articles about current events and our MSSP services (such as our […]

Haven’t rotated your posters in a while? Your customers may not be seeing them anymore. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . One of the things I recently realized: some bankers I interact with do not have the same  understanding of merchandising that I […]

Motivating employees toward awareness can take more than prizes and prodding… An article review. Keeping your employees on top of security related issues can sometimes seem to be a daunting task, and it’s not something that can ever be considered finished: it’s an ongoing process much like the threats themselves. Considering that, it’s not surprising […]

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]