Brian Petzold

2 min read

The Policy Labyrinth

You started with an Information Security Policy that covered the basics. Then one day an auditor walked in and asked to see your Data Destruction Policy, so you wrote one. In the next exam, regulators said you should have a Vulnerability Management...

1 min read

Learning Not to Trust

Most of our IT infrastructures were built to trust. From the time users sign on in the morning until they log off at the end of the day, the network...

2 min read

What is "Best Practice"?

Over the years, I have become wary of the term “best practice” when it is applied to technology and cybersecurity. The term “best practice” is...

2 min read

Guidance on Obsolete Encryption Protocols

Networks rely on encryption to ensure that data is kept private and cannot be changed while at rest or in transit. In most cases this encryption...

2 min read

The Powerful GLBA Board Report

When the Gramm-Leach-Bliley Act was implemented, each regulatory agency adopted a set of interagency guidelines and regulations required for...

2 min read

Asset Management Lessons Learned from Morgan Stanley

Asset Management is one of the foundations of a sound Information Security Program, but it is also often neglected in the rush to replace or...

2 min read

Typ0squatting

We recently have seen an increase in “typosquatting” activity targeting financial institutions. Typosquatting is when someone registers a domain with...
