Web Exclusive Stories
Web Exclusive Stories RSS Feed RSS

internet of things

Five key steps to full device defensibility

Part 3: Protecting distributed IoT devices
Bud Broomhead
September 29, 2020
To help you and your organization plan and implement an improved cyber hygiene program, we now present a framework for full IoT device defensibility in real world deployments at scale. This framework represents current state-of-the-art best practices for protecting IoT devices, and can form the backbone of your assessment, evaluation, and improvement plans. Follow the steps below to strengthen your network defenses.
Read More
insider threats

Tinker Tailor Business Spy: What entrepreneurs don’t know (that can hurt them)

Craig Singleton
Craig Singleton
September 28, 2020
As September is National Insider Threat Awareness Month, there is no better time than the present to seriously reconsider how we educate America’s next generation of business leaders about these critical intelligence issues. As we wait on MBA programs to catch up to America’s new geopolitical reality, these are the three most important issues business schools, early stage entrepreneurs, and even seasoned pros should consider as they protect their life’s work.
Read More
public safety - police

The new age of safety and security

Mimi Lanfranchi
Mimi Lanfranchi
Charles Bohnenberger
Charles Bohnenberger
September 25, 2020
Now more than ever, government policy makers need to focus resources; allowing law enforcement to focus on the core duties and responsibilities of law enforcement officers. And industries like ours, need to be creative in developing solutions to support them in this effort. The physical security industry supports law enforcement and when private security works in partnership with law enforcement, police officers have more time to focus on preventing and solving crimes.
Read More
password cyber

New cybersecurity threat - Credential stuffing

Amy Lynch
Amy Lynch
September 25, 2020
The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) recently issued a Risk Alert (the “Alert”) discussing cybersecurity observations from its examinations over time. The Alert did not state the time period of examinations included; however, OCIE has conducted several cybersecurity targeted exams over recent years.
Read More
HIPAA

Do I need to be HIPAA compliant? Uncovering the “I didn’t know” claim

Stephen Trout
Stephen Trout
September 25, 2020
In fact, HIPAA penalties do distinguish degrees of “not knowing,” yet that doesn’t mean - like the traffic violation above - that a hefty fine still won’t land in your lap. Can your company deal with even a $50,000 (per violation) hit to the pocket book? Here’s the breakdown of potential penalties per OCR (Office of Civil Rights) discretion, as noted in the HIPAA Journal.
Read More
education k-12 responsive default security

COVID-19, K-12 cybersecurity & responding on the home front

Evan Francen
September 24, 2020

Previously, school districts dealt with securing their systems at both the district and school level. But now, teaching, learning and working are all happening at home simultaneously. It’s messy, far more complicated, and gives our cyber and IT teams significantly less control over networks and security than there was when traditional in-school learning was the norm. It’s especially crucial we keep our security measures tight, even if it feels like an uphill battle.


Read More
900x550_G4S_ESRM_0006_Metrics_Report_2.jpg

Addressing the cyber metrics challenge

Dr. Leila Powell
Dr. Leila Powell
September 24, 2020
Why are CISOs constrained from delivering metrics at scale and why is producing good security metrics so difficult? Here, find out what the five stages of security metrics maturity are, and how you can achieve a mature security metrics program.
Read More
Combating Complacency: Getting the Most Out of Your Data Breach Response Plan

What U.S. companies should know about LGPD – Brazil’s new General Data Protection Law

LGPD is a complicated regulatory regime that will required U.S. entities subject to its requirements to undertake substantial compliance efforts.
david stauss
David M. Stauss
September 23, 2020
As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy Tracker, efforts to delay the effective date of Brazil’s General Data Protection Law – Lei Geral de Proteção de Dados or LGPD – recently failed, and the law is expected to go into force in the coming days. Brazil’s federal government also published a decree approving the regulatory structure of the Autoridade Nacional de Proteção de Dados, i.e., Brazil’s national data protection authority.
Read More

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

SUBSCRIBE TODAY!