We have recently made a significant change to our Incident Response Policy regarding Disclosure Incidents. At infotex we are always revising and updating our boilerplates. We have recently made a significant change to our Incident Response Policy regarding Disclosure Incidents. It is of course very important to comply with all applicable laws and regulations, but […]

Weekly themes for the annual event have been announced… An article review. October is National Cybersecurity Awareness Month, and the weekly themes for this year’s event have been released: Oct. 1­–5: Make Your Home a Haven for Online Safety Oct. 8–12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity Oct. 15–19: It’s Everyone’s […]

What the FFIEC has to say about succession planning for members of the IT Governance process… We have been hearing about examination findings requiring Clients to create a succession plan for key members of the IT Governance process.  Dan asked me to update our research on this issue and, as a byproduct, I have produced […]

Getting a message to the user is one thing, having them see it is another… An article review. In IT we often focus on identifying and communicating risk: to our users, to our superiors and to others in the field. Over the years, we’ve even developed new tools and methods to identify issues and notify […]

A new study has identified the most profitable malware, showing just how much unprepared businesses have paid. An article review. Despite pleas from various experts and authorities, it looks like a significant number of organizations ultimately decide to pay the criminal organizations who have held their data hostage. That’s something that many people have probably […]

Some small organizations continue to use customer data to generate initial passwords, despite the risks. An article review. When rolling out a new online banking platform organizations are often faced with the task of issuing new usernames and passwords to existing users, but how they choose to do that can have a big impact on […]

Haven’t rotated your posters in a while? Your customers may not be seeing them anymore. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . One of the things I recently realized: some bankers I interact with do not have the same  understanding of merchandising that I […]

Motivating employees toward awareness can take more than prizes and prodding… An article review. Keeping your employees on top of security related issues can sometimes seem to be a daunting task, and it’s not something that can ever be considered finished: it’s an ongoing process much like the threats themselves. Considering that, it’s not surprising […]

It’s like a recall on your car… A Jolley | Hadaway Article. If you like to stay current on technology news, you’ve probably found it hard to ignore the recent stories about a major security problem with Intel processors, and the rush from software and hardware companies to mitigate the issue.  Most of the solutions […]

R-7 – The Top Seven Risks – 2018: Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been […]