About Us | Contact Us
View Cart
Archive for 'Incident Response' Category

Forget AI: Millions of Humans Needed To Close Cybersecurity Gap

By Vigilize - Last updated: Monday, November 4, 2019

Despite advances in automation, millions of additional people are still needed… An article review. If you follow cybersecurity news you’d be forgiven if you thought that humans were rapidly becoming obsolete: everywhere you turn there are articles extolling the virtues of automation and artificial intelligence for staying on top of all the threats facing your […]


A Seven Step Process to Combat Insider Threats

By Dan Hadaway - Last updated: Monday, September 30, 2019

Incident response testing is the stone that kills many birds… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Good morning.  It’s 5:00am on a weekend, and I’m preparing my talk for the Cybersecurity Conference this week. While the talk is only supposed to be […]


NSA to Establish Cybersecurity Directorate

By Vigilize - Last updated: Monday, August 12, 2019

In a change for the Agency, the new directorate will have a defensive focus… An article review. Over the last few years, we’ve seen a cat and mouse game between hackers and the good guys: from potential foreign influence in elections to the establishment of the US “Cyber Command” and, of course, the steady announcement […]


Coders’ Rights: Protecting Security Researchers

By Vigilize - Last updated: Monday, October 22, 2018

We rely on them to keep our systems safe, but who is protecting the security researchers? An article review. Over the past few decades there have been a number of laws and regulations enacted with the goal of improving computer security, but due to the way many of them have been written they could be […]


Incident Response Boilerplate Update

By Adam Reynolds - Last updated: Monday, October 15, 2018

We have recently made a significant change to our Incident Response Policy regarding Disclosure Incidents. At infotex we are always revising and updating our boilerplates. We have recently made a significant change to our Incident Response Policy regarding Disclosure Incidents. It is of course very important to comply with all applicable laws and regulations, but […]


Cyber Challenge: A Community Bank Cyber Exercise

By Vigilize - Last updated: Sunday, July 29, 2018

The FDIC has released new training material to help small banks start a discussion on risk… An article review. Sometimes it can be difficult to find a starting point when getting your employees discussing risk and technology, and while we do provide our own resources on the subject we wanted to pass along another resource […]


The Cost of Being Unprepared

By Vigilize - Last updated: Monday, April 30, 2018

A new study has identified the most profitable malware, showing just how much unprepared businesses have paid. An article review. Despite pleas from various experts and authorities, it looks like a significant number of organizations ultimately decide to pay the criminal organizations who have held their data hostage. That’s something that many people have probably […]


Risk Versus Severity When In A Panic

By Dan Hadaway - Last updated: Monday, April 9, 2018

Risk isn’t the only thing to consider when planning a decision tree. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . During tuning, we’re sometimes asked, as we help our MSSP Clients establish a detailed decision tree (modify our default to their own situation), “are […]


Firewall Log Retention: Beyond The Guidance

By Dan Hadaway - Last updated: Monday, March 26, 2018

In the absence of specific guidance, organizations are left to use their judgement in retaining logs… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Not long ago a Client asked for my input on their firewall log policy, as they were collecting logs but […]


Object Access Limitations

By Matt Jolley - Last updated: Monday, March 5, 2018

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]