Archive for 'Incident Response' Category
Mutiny! The Malicious Insider Threat Webinar Registration
By Bryan Bonnell - Last updated: Tuesday, May 2, 2023
Mutiny! The Malicious Insider Threat Webinar Registration A Webinar-Video It is often awkward to bring up the one attack vector most of us have not addressed. The malicious insider threat. Even if we can flaunt all statistics and claim that the likelihood of an insider attack is low in our bank, the impact is still […]
From a Napkin to the Future!
By Dan Hadaway - Last updated: Saturday, April 22, 2023
Questions from a decade ago . . . That rhyme! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . So this article starts in my bedroom; cleaning out my closet. I finally decide that yes, I’m will never grow back into the size of these […]
The Four Basic Truths of System Security
By Dan Hadaway - Last updated: Sunday, January 1, 2023
System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity. […]
What to Expect from an infotex Incident Response Tabletop Test Movie
By Vigilize - Last updated: Monday, October 3, 2022
A Webinar Movie This presentation is intended for those who are planning to participate in an infotex incident response test. Please let us know what questions you have, when we have our Plan Walkthrough and Test Plan Approval meeting!
Data Breach Laws: A State-by-State Framework
By Matt Jolley - Last updated: Monday, September 26, 2022
What you need to know for compliance coast-to-coast. Back in 2020 we posted an article containing links to data breach laws from each state, and it has proven to be one of our more popular posts. Because laws surrounding the use (and abuse) of technology are always evolving, we thought it was worth taking another […]
The Changing IT Landscape and Endpoint Detection and Response (EDR)
By Steven Jakubin - Last updated: Monday, May 9, 2022
Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home. While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
Managing Software Supply Chain Risk
By Steven Jakubin - Last updated: Monday, April 25, 2022
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
Pandemic Woes Add To The Cybersecurity Job Retention Struggle
By Vigilize - Last updated: Monday, April 18, 2022
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
Mutiny! The Malicious Insider Threat Webinar Registration A Webinar-Video It is often awkward to bring up the one attack vector most of us have not addressed. The malicious insider threat. Even if we can flaunt all statistics and claim that the likelihood of an insider attack is low in our bank, the impact is still […]
Questions from a decade ago . . . That rhyme! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . So this article starts in my bedroom; cleaning out my closet. I finally decide that yes, I’m will never grow back into the size of these […]
The Four Basic Truths of System Security
By Dan Hadaway - Last updated: Sunday, January 1, 2023
System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity. […]
What to Expect from an infotex Incident Response Tabletop Test Movie
By Vigilize - Last updated: Monday, October 3, 2022
A Webinar Movie This presentation is intended for those who are planning to participate in an infotex incident response test. Please let us know what questions you have, when we have our Plan Walkthrough and Test Plan Approval meeting!
Data Breach Laws: A State-by-State Framework
By Matt Jolley - Last updated: Monday, September 26, 2022
What you need to know for compliance coast-to-coast. Back in 2020 we posted an article containing links to data breach laws from each state, and it has proven to be one of our more popular posts. Because laws surrounding the use (and abuse) of technology are always evolving, we thought it was worth taking another […]
The Changing IT Landscape and Endpoint Detection and Response (EDR)
By Steven Jakubin - Last updated: Monday, May 9, 2022
Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home. While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
Managing Software Supply Chain Risk
By Steven Jakubin - Last updated: Monday, April 25, 2022
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
Pandemic Woes Add To The Cybersecurity Job Retention Struggle
By Vigilize - Last updated: Monday, April 18, 2022
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity. […]
A Webinar Movie This presentation is intended for those who are planning to participate in an infotex incident response test. Please let us know what questions you have, when we have our Plan Walkthrough and Test Plan Approval meeting!
Data Breach Laws: A State-by-State Framework
By Matt Jolley - Last updated: Monday, September 26, 2022
What you need to know for compliance coast-to-coast. Back in 2020 we posted an article containing links to data breach laws from each state, and it has proven to be one of our more popular posts. Because laws surrounding the use (and abuse) of technology are always evolving, we thought it was worth taking another […]
The Changing IT Landscape and Endpoint Detection and Response (EDR)
By Steven Jakubin - Last updated: Monday, May 9, 2022
Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home. While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
Managing Software Supply Chain Risk
By Steven Jakubin - Last updated: Monday, April 25, 2022
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
Pandemic Woes Add To The Cybersecurity Job Retention Struggle
By Vigilize - Last updated: Monday, April 18, 2022
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
What you need to know for compliance coast-to-coast. Back in 2020 we posted an article containing links to data breach laws from each state, and it has proven to be one of our more popular posts. Because laws surrounding the use (and abuse) of technology are always evolving, we thought it was worth taking another […]
Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home. While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
Managing Software Supply Chain Risk
By Steven Jakubin - Last updated: Monday, April 25, 2022
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
Pandemic Woes Add To The Cybersecurity Job Retention Struggle
By Vigilize - Last updated: Monday, April 18, 2022
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates. New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing. That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
My Take on the 36 Hour Rule
By Dan Hadaway - Last updated: Wednesday, March 9, 2022
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
How the New Rule Applies to infotex
By Adam Reynolds - Last updated: Monday, February 21, 2022
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
It doesn’t cover us. . . . . . but we’ll agree to it anyway. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I thought I’d write a quick DNL about the new 36 hour rule. It’s due in May, so I am not […]
(It does not) But it’s “crazy complicated and seemingly circular.” A new article meant to inspire thought about IT Governance… Note: You can read the article where Adam discussed the rule itself here: FDIC and OCC Release New Incident Notification Rules. The new interagency Computer-Security Incident Notification Requirements rule includes requirements not only for banking organizations, […]
