Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]

A new generation of interns may open organizations up to new risks… An article review. If you’ve been paying attention to the world of breaches and other security lapses over the years, the idea of the “insider threat” is probably nothing new—your own employees can sometimes be as likely to cause an incident as a […]

Years after patches were released, many systems remain vulnerable… An article review. While it has been over two years since the WannaCry exploit was publicly announced, a new report submitted by our own Sean Waugh says that hundreds of thousands of internet-connected machines are still vulnerable…and many of those machines belong to government agencies and […]

Product longevity and data privacy have been called into question… An article review. When Google announced it was absorbing smart thermostat maker Nest in 2018, many customers were concerned about the future of their internet-connected devices and the privacy of their data. Those fears were realized during Google’s I/O 2019 event, where several changes to […]

The nation’s largest core processor has been accused of multiple security lapses… An article review. For smaller banks and credit unions the resources needed to create and maintain their own online banking presence can be daunting. Even after the website is running and customers have a smartphone application they can use, maintaining those platforms and […]

Password expiration rules can create more problems than they solve… An article review. Passwords, it seems, are a lot like diets. They’re often necessary, but no one really wants to have to deal with them–and we’re always looking for the next trick to make the process easier. And just like there’s always a new diet […]

As user awareness grows, criminals are changing their tactics… An article review. First, some good news: Users are becoming more aware of phishing attacks, especially high-ranking users such as executives. Unfortunately, the bad news is that criminals are aware of this and are adapting their strategies to target new groups. The new targets, according to […]

The malware was distributed through Asus’ own tool, and was signed with a valid certificate… An article review. When it comes to avoiding malware and other internet attacks, most users know you should avoid downloading files from unknown sources—but a recent attack targeting Asus customers is a reminder that sometimes even that may not be […]

A simple $30 part and publicly available code allowed access to keys… An article review. Researchers recently announced a new successful attack against Bitlocker, a full-disk encryption tool that has built into Windows since Vista, and the attack is surprisingly simple in its execution. The attack, detailed in an article submitted to us by our […]

Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: