Archive for 'Incident Response' Category
The Four Basic Truths of System Security
By Dan Hadaway - Last updated: Sunday, January 1, 2023
System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity. […]
What to Expect from an infotex Incident Response Tabletop Test Movie
By Vigilize - Last updated: Monday, October 3, 2022
A Webinar Movie This presentation is intended for those who are planning to participate in an infotex incident response test. Please let us know what questions you have, when we have our Plan Walkthrough and Test Plan Approval meeting!
Data Breach Laws: A State-by-State Framework
By Matt Jolley - Last updated: Monday, September 26, 2022
What you need to know for compliance coast-to-coast. Back in 2020 we posted an article containing links to data breach laws from each state, and it has proven to be one of our more popular posts. Because laws surrounding the use (and abuse) of technology are always evolving, we thought it was worth taking another […]
The Changing IT Landscape and Endpoint Detection and Response (EDR)
By Steven Jakubin - Last updated: Monday, May 9, 2022
Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home. While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
Managing Software Supply Chain Risk
By Steven Jakubin - Last updated: Monday, April 25, 2022
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
Pandemic Woes Add To The Cybersecurity Job Retention Struggle
By Vigilize - Last updated: Monday, April 18, 2022
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
Behind Your Credit Union’s Recent NCUA IT Exams Findings Webinar Registration
By Vigilize - Last updated: Monday, February 14, 2022
A Webinar-Movie In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or as we call it: the ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can […]
FDIC and OCC Release New Incident Notification Rules
By Adam Reynolds - Last updated: Monday, January 31, 2022
An update to your Incident Response and Business Continuity Plans will be required . . . . . . but will not replace any previous rules! A new article meant to inspire thought about IT Governance… Note: We have included a copy of the publication for your full review at the end of the article. Click […]
System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity. […]
A Webinar Movie This presentation is intended for those who are planning to participate in an infotex incident response test. Please let us know what questions you have, when we have our Plan Walkthrough and Test Plan Approval meeting!
Data Breach Laws: A State-by-State Framework
By Matt Jolley - Last updated: Monday, September 26, 2022
What you need to know for compliance coast-to-coast. Back in 2020 we posted an article containing links to data breach laws from each state, and it has proven to be one of our more popular posts. Because laws surrounding the use (and abuse) of technology are always evolving, we thought it was worth taking another […]
The Changing IT Landscape and Endpoint Detection and Response (EDR)
By Steven Jakubin - Last updated: Monday, May 9, 2022
Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home. While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
Managing Software Supply Chain Risk
By Steven Jakubin - Last updated: Monday, April 25, 2022
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
Pandemic Woes Add To The Cybersecurity Job Retention Struggle
By Vigilize - Last updated: Monday, April 18, 2022
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
Behind Your Credit Union’s Recent NCUA IT Exams Findings Webinar Registration
By Vigilize - Last updated: Monday, February 14, 2022
A Webinar-Movie In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or as we call it: the ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can […]
FDIC and OCC Release New Incident Notification Rules
By Adam Reynolds - Last updated: Monday, January 31, 2022
An update to your Incident Response and Business Continuity Plans will be required . . . . . . but will not replace any previous rules! A new article meant to inspire thought about IT Governance… Note: We have included a copy of the publication for your full review at the end of the article. Click […]
What you need to know for compliance coast-to-coast. Back in 2020 we posted an article containing links to data breach laws from each state, and it has proven to be one of our more popular posts. Because laws surrounding the use (and abuse) of technology are always evolving, we thought it was worth taking another […]
Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home. While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
Managing Software Supply Chain Risk
By Steven Jakubin - Last updated: Monday, April 25, 2022
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
Pandemic Woes Add To The Cybersecurity Job Retention Struggle
By Vigilize - Last updated: Monday, April 18, 2022
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
Behind Your Credit Union’s Recent NCUA IT Exams Findings Webinar Registration
By Vigilize - Last updated: Monday, February 14, 2022
A Webinar-Movie In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or as we call it: the ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can […]
FDIC and OCC Release New Incident Notification Rules
By Adam Reynolds - Last updated: Monday, January 31, 2022
An update to your Incident Response and Business Continuity Plans will be required . . . . . . but will not replace any previous rules! A new article meant to inspire thought about IT Governance… Note: We have included a copy of the publication for your full review at the end of the article. Click […]
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
Behind Your Credit Union’s Recent NCUA IT Exams Findings Webinar Registration
By Vigilize - Last updated: Monday, February 14, 2022
A Webinar-Movie In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or as we call it: the ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can […]
FDIC and OCC Release New Incident Notification Rules
By Adam Reynolds - Last updated: Monday, January 31, 2022
An update to your Incident Response and Business Continuity Plans will be required . . . . . . but will not replace any previous rules! A new article meant to inspire thought about IT Governance… Note: We have included a copy of the publication for your full review at the end of the article. Click […]
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
Behind Your Credit Union’s Recent NCUA IT Exams Findings Webinar Registration
By Vigilize - Last updated: Monday, February 14, 2022
A Webinar-Movie In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or as we call it: the ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can […]
FDIC and OCC Release New Incident Notification Rules
By Adam Reynolds - Last updated: Monday, January 31, 2022
An update to your Incident Response and Business Continuity Plans will be required . . . . . . but will not replace any previous rules! A new article meant to inspire thought about IT Governance… Note: We have included a copy of the publication for your full review at the end of the article. Click […]
A Webinar-Movie In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or as we call it: the ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can […]
An update to your Incident Response and Business Continuity Plans will be required . . . . . . but will not replace any previous rules! A new article meant to inspire thought about IT Governance… Note: We have included a copy of the publication for your full review at the end of the article. Click […]
