Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]

A new generation of interns may open organizations up to new risks… An article review. If you’ve been paying attention to the world of breaches and other security lapses over the years, the idea of the “insider threat” is probably nothing new—your own employees can sometimes be as likely to cause an incident as a […]

Years after patches were released, many systems remain vulnerable… An article review. While it has been over two years since the WannaCry exploit was publicly announced, a new report submitted by our own Sean Waugh says that hundreds of thousands of internet-connected machines are still vulnerable…and many of those machines belong to government agencies and […]

Password expiration rules can create more problems than they solve… An article review. Passwords, it seems, are a lot like diets. They’re often necessary, but no one really wants to have to deal with them–and we’re always looking for the next trick to make the process easier. And just like there’s always a new diet […]

New research reveals issues with these commonly overlooked devices… An article review. With computers involved in our lives and businesses in so many ways, it can seem like we’re always being warned of another overlooked device that is ready to wreak havoc. While the attention of many security researchers has been focused on the rise […]

Hackers are getting unusually creative in their attacks… An article review. One drawback of limiting the scope of our annual review articles (the M-7, T-7 and R-7) to seven items is that we don’t always get to include every subject we’d like to. Luckily we had our friend Wes Pollard to point out a great […]

The seven best trend articles in 2019 . . . For ISOs of small financial institutions. While it may not feel like it yet for some of us, we’re well on our way into 2019, and that means it’s time for the last of our annual articles looking at predictions and trends in information technology. Previously, […]

Third party ‘location brokers’ are reselling data from carriers, and there may not be much you can do about it. An Article Review. For many years it has been common knowledge that your cell phone’s physical location can be identified–signal triangulation, GPS and even nearby wifi networks can be used by your cell phone company, […]

Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been compiling a list of the “top seven risks […]

  The Internet of Things and privacy continue to present challenges to businesses… An article review. It seems our own Dan Hadaway isn’t the only one making predictions about upcoming trends this time of year! NIST recently concluded their Cybersecurity Risk Management Conference and an article submitted to us by Wes Pollard details some of their […]