Controls

Eclipsing the Manifesto

Four disparate words With a number and a special character, for good measure Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Last week I posted a GPT summary of my infamous “Password manifesto.”   Today...
READ MORE

Retrospective: Password Aging

A look back at 2008 And a radical manifesto of the timer Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In 2008 I wrote an article, published in Hoosier Banker magazine, that we have since called “The Password Man...
READ MORE

NIST Proposes Changes to Outdated Guidance

An evolving threat landscape means the original 2015 guidance is in need of an update… An Article Review. The National Institute of Standards and Technology (NIST) is considering an update to its 2015 Special Publication 800-171, which contains cybersecurity cont...
READ MORE

New Attacks Target Multi-Factor Authentication

Microsoft, Cisco and Uber are among the companies hit by this new threat… An article review.  As more organizations adopt multi-factor authentication to help safeguard their systems hackers have adapted, and several major corporations have been among those hit by ...
READ MORE

Why Awareness Training Should Go Beyond Your Own Services

With nearly three in four people using third-party payment services tied to their bank accounts, the risk isn’t limited to your own policies and procedures… An article review. When working on cybersecurity awareness messages for your customers you may be in...
READ MORE

An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet

Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of  IT Examination Handbooks. It i...
READ MORE

A Cloud Security Reminder

Many organizations still fail to consider the unique risks posed by cloud computing… An article review. Last month thousands of Western Digital MyCloud device owners learned about the risks of cloud-based solutions the hard way: their data had been wiped remotely...
READ MORE

NSA and CISA Issue New Guidance on DNS

Implementing Protective DNS could help your organization avoid attack… An article review. Noting the risks still associated with the Domain Name System (DNS), the National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have recent...
READ MORE

The Problem with Cybersecurity Insurance

The cybersecurity industry faces challenges, and some of them may involve your business… An article review. In a world where threats to your organization’s electronic assets are constantly emerging and evolving a cybersecurity insurance policy can help miti...
READ MORE

SolarWinds Incident

infotex does not use SolarWinds… We are protecting our Clients! Another blog post meant to inspire thought about IT Governance . . . . To all infotex managed security service Clients: As recently reported by major news outlets there is currently an ongoing attac...
READ MORE

CATEGORIES

infotex

MANAGING TECHNOLOGY RISK

Linkedin-in Facebook-f Youtube Twitter

SERVICES

EDUCATION

COMPANY

CONTACT

SIGN UP FOR OUR BLOG

As part of infotex‘s service to our clients, find “non-mainstream” articles about relevant security issues.

Facebook Youtube Twitter