Management Awareness

P-7 The Top Seven Awareness Posters 2018

Some of them about passwords . . . By view count, here are the top seven posters as of 12/10/2018!Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Given what a hit the posters we did during the year were, ...

Legacy Devices Pose A Security Risk

Devices like fax machines and copiers are often classified as office supplies and slip past IT scrutiny… An article review. Despite all the advances in technology, most offices still generate large volumes of printed documents, and the devices used to produce and pr...

FTC Releases New Cybersecurity Guide

Focused on small businesses, the guide covers twelve topics you need to know to be secure… An article review. While there are many resources concerning cybersecurity out there, it can sometimes be difficult to find information tailored for smaller organizations inst...

Incident Response Boilerplate Update

We have recently made a significant change to our Incident Response Policy regarding Disclosure Incidents. At infotex we are always revising and updating our boilerplates. We have recently made a significant change to our Incident Response Policy regarding Disclosure Incid...

National Cybersecurity Awareness Month Themes Announced

Weekly themes for the annual event have been announced… An article review. October is National Cybersecurity Awareness Month, and the weekly themes for this year’s event have been released: Oct. 1­–5: Make Your Home a Haven for Online Safety Oct. 8–12: Million...

Succession Planning Governance

What the FFIEC has to say about succession planning for members of the IT Governance process… We have been hearing about examination findings requiring Clients to create a succession plan for key members of the IT Governance process.  Dan asked me to update our resea...

Alert Fatigue: A Problem With Few Easy Solutions

Getting a message to the user is one thing, having them see it is another… An article review. In IT we often focus on identifying and communicating risk: to our users, to our superiors and to others in the field. Over the years, we’ve even developed new tools ...

The Cost of Being Unprepared

A new study has identified the most profitable malware, showing just how much unprepared businesses have paid. An article review. Despite pleas from various experts and authorities, it looks like a significant number of organizations ultimately decide to pay the criminal ...

Temporary Passwords: A Potential Weak Link

Some small organizations continue to use customer data to generate initial passwords, despite the risks. An article review. When rolling out a new online banking platform organizations are often faced with the task of issuing new usernames and passwords to existing users,...

Merchandising as an Information Security Concept

Haven’t rotated your posters in a while? Your customers may not be seeing them anymore. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . One of the things I recently realized: some bankers I interact with do not ha...