About Us | Contact Us
View Cart
Archive for 'Incident Response' Category

Coders’ Rights: Protecting Security Researchers

By Vigilize - Last updated: Monday, October 22, 2018

We rely on them to keep our systems safe, but who is protecting the security researchers? An article review. Over the past few decades there have been a number of laws and regulations enacted with the goal of improving computer security, but due to the way many of them have been written they could be […]


Incident Response Boilerplate Update

By Adam Reynolds - Last updated: Monday, October 15, 2018

We have recently made a significant change to our Incident Response Policy regarding Disclosure Incidents. At infotex we are always revising and updating our boilerplates. We have recently made a significant change to our Incident Response Policy regarding Disclosure Incidents. It is of course very important to comply with all applicable laws and regulations, but […]


Cyber Challenge: A Community Bank Cyber Exercise

By Vigilize - Last updated: Sunday, July 29, 2018

The FDIC has released new training material to help small banks start a discussion on risk… An article review. Sometimes it can be difficult to find a starting point when getting your employees discussing risk and technology, and while we do provide our own resources on the subject we wanted to pass along another resource […]


The Cost of Being Unprepared

By Vigilize - Last updated: Monday, April 30, 2018

A new study has identified the most profitable malware, showing just how much unprepared businesses have paid. An article review. Despite pleas from various experts and authorities, it looks like a significant number of organizations ultimately decide to pay the criminal organizations who have held their data hostage. That’s something that many people have probably […]


Risk Versus Severity When In A Panic

By Dan Hadaway - Last updated: Monday, April 9, 2018

Risk isn’t the only thing to consider when planning a decision tree. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . During tuning, we’re sometimes asked, as we help our MSSP Clients establish a detailed decision tree (modify our default to their own situation), “are […]


Firewall Log Retention: Beyond The Guidance

By Dan Hadaway - Last updated: Monday, March 26, 2018

In the absence of specific guidance, organizations are left to use their judgement in retaining logs… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Not long ago a Client asked for my input on their firewall log policy, as they were collecting logs but […]


Object Access Limitations

By Matt Jolley - Last updated: Monday, March 5, 2018

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]


FERPA’s Incident Response Checklist

By Vigilize - Last updated: Tuesday, December 5, 2017

How does FERPA factor in to your incident response plan? An article review. If you’re part of an educational institution you’ve probably heard of the Family Educational Rights and Privacy Act, or FERPA, but do you know the role it plays in incident response? If you don’t, fear not because the Department of Education has […]


Cybersanity in the Incident Response Age

By Jolley | Hadaway - Last updated: Friday, November 3, 2017

Infotex is finally ready to say something about the Equifax Breach, the Ultimate Educational Moment. This Jolley | Hadaway article will explain why we’ve been silent, ’til now!


Imagine Having Your Audit Reports Published For All The World To See…

By Vigilize - Last updated: Friday, October 20, 2017

Following multiple security incidents, the FDIC has made their audit reports available to the public. An article review. Here in the private sector, we can sometimes take for granted the confidentiality agreements that restrict access to our audit reports and other compliance related information–but what if they were available to any interested parties? That’s exactly […]