About Us | Contact Us
View Cart
Archive for 'Dan’s New Leaf' Category

The Pine Processionary

By Dan Hadaway - Last updated: Saturday, September 8, 2018

Battling Procedure Fatigue in Cybersecurity . . . Or . . . making sure we don’t just go through the motions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When it comes to the routine things in life, it can be easy to get […]


Unless You Are Based in Europe

By Dan Hadaway - Last updated: Sunday, May 27, 2018

Some businesses are attempting to capitalize on confusion over just who the GDPR applies to… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Several Clients have emailed a question to me this week (one even picked up that thing called a telephone, and called […]


Risk Versus Severity When In A Panic

By Dan Hadaway - Last updated: Monday, April 9, 2018

Risk isn’t the only thing to consider when planning a decision tree. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . During tuning, we’re sometimes asked, as we help our MSSP Clients establish a detailed decision tree (modify our default to their own situation), “are […]


Our Blog Policy

By Vigilize - Last updated: Monday, April 2, 2018

While we’re not a news service, we often use current events to comment on trends and our services. This blog is intended to get people thinking about topics and trends in Technology Risk Management, through our article reviews, as well as through original blog articles about current events and our MSSP services (such as our […]


Firewall Log Retention: Beyond The Guidance

By Dan Hadaway - Last updated: Monday, March 26, 2018

In the absence of specific guidance, organizations are left to use their judgement in retaining logs… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Not long ago a Client asked for my input on their firewall log policy, as they were collecting logs but […]


Merchandising as an Information Security Concept

By Dan Hadaway - Last updated: Monday, March 19, 2018

Haven’t rotated your posters in a while? Your customers may not be seeing them anymore. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . One of the things I recently realized: some bankers I interact with do not have the same  understanding of merchandising that I […]


Our Compliance with #4040

By Dan Hadaway - Last updated: Monday, February 26, 2018

Dan’s decided to declare “in compliance” on a CAT Statement, and wants your opinion! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . How would you like to experience a little excerpt from an infotex risk assessment?  (Yes, we had to run this by our […]


R-7 – The Top Seven Risks – 2018

By Vigilize - Last updated: Tuesday, January 9, 2018

R-7 – The Top Seven Risks – 2018: Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been […]


The Magnificent Seven 2018

By Dan Hadaway - Last updated: Wednesday, November 22, 2017

Seven trends impacting Information Security Officers of Small Institutions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Seven trends impacting Information Security Officers of Small Institutions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance Welcome to the Magnificent Seven, my annual […]


Broadcast Awareness

By Dan Hadaway - Last updated: Monday, September 18, 2017

Steps One and Two . . . How to Substantially Decrease (and Streamline) Response Time Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Given that we have been watching networks since 2000, we have seen a LOT of incident responses.  There is a small, […]