Cyber Security Articles

2018 Cyber Resolutions for the CEO

2018 Cyber Resolutions for the CEO

The new year is upon us, which means that you’ve hopefully gotten your fill of family, good food, and nostalgic playlists. It also means that the inevitable resolutions are also here. Since many of you will be busy with other priorities, I’ve put a quick list together...

read more
Interpreting the New York State Cybersecurity Regulations

Interpreting the New York State Cybersecurity Regulations

New York State has led the nation in releasing its 23 NYCRR 500 cybersecurity regulation for financial institutions. This article is aimed mostly at those institutions, to give them guidance around what can be expected of them around this regulation, but its adoption...

read more
The US is currently helpless in a Cyber War Scenario

The US is currently helpless in a Cyber War Scenario

Two teams take the field. On offense, huge adults who are professional athletes. An NFL team. On defense, eleven small, skinny children, barely standing above the belts of their opponents. Both sides square off as the play is set in motion and the NFL team executes...

read more
Beware the Cybersecurity Gold Rush

Beware the Cybersecurity Gold Rush

Fast forward to 2016 and we are in the middle of a gold rush in the cyber market.  The list of data breaches is overwhelming.  It’s estimated that cyber crime is overtaking traditional crime.  And vendors everywhere are offering cyber security products and services....

read more
The Robbers Are Already in the Bank

The Robbers Are Already in the Bank

Over the long history of banks, many mechanisms have been used to thwart would-be thieves. For instance, a bank would protect the transport mechanism (stagecoaches, armored cars) and heavily secure the soft-points, like tellers and bank branches. The vault was the...

read more
Your Vendor is Lying to You

Your Vendor is Lying to You

The Target breach illustrated just how important vetting third parties is. The hack was successful for a number of reasons (including Target’s failure to act on the attack much earlier, when it was detected), but the initial breach happened through a small vendorwhich...

read more
Virtual CISO-as-a-Service comes of age

Virtual CISO-as-a-Service comes of age

vCISO, or Chief Information Security Officer (CISO)-as-a-Service, is a concept whose time has come CISOs are hard to come by and good ones even more so. InfoSec professionals in general are tough to find and especially ones that can fulfill all the duties of a...

read more