One of the more common attacks that we see is the compromise of an employee email account. Many institutions give employees the ability to access their email remotely via Outlook Web Access (OWA)...
Brian Petzold
Recent Posts
Resolving to Update your Information Security Program
by Brian Petzold | Dec 28, 2018
As we enter the new year, many institutions resolve that this is the year that their Information Security Program will be streamlined and brought up to date. Doing this effectively requires a...
Focusing on Cybersecurity Governance
by Brian Petzold | Dec 7, 2018
A solid cybersecurity program starts with good governance practices. These practices ensure that IT, security staff, and management are all rowing proactively in the same direction. They help...
Untrustworthy Certificates
by Brian Petzold | Nov 30, 2018
Many have been taught that the way to determine if a site is secure is to look for the padlock next to the URL in their browser. While that may have been true at one time, it increasingly is...
Making Strategic Planning Easy
by Brian Petzold | Nov 16, 2018
It's getting to be that time of year again. The time when many institutions should begin the process of updating their strategic plan. Sure, creating an IT and cybersecurity strategic plan can...
Preparing for an Internal Penetration Assessment
by Brian Petzold | Nov 9, 2018
Internal penetration tests are the most frightening assessments that an institution can subject themselves to. They can also be one of the most educational assessments. Penetration testers are...
Acing You Next IT Audit
by Brian Petzold | Nov 2, 2018
As institutions grow, examiners expect that their cybersecurity maturity will also grow. Unfortunately, many institutions learn this the hard way when they receive high-risk findings during an IT...
Simplifying System Recovery Planning
by Brian Petzold | Oct 26, 2018
Recovery planning for systems is often difficult for institutions to fully grasp. There are a lot of moving parts involved and a variety of options available. We find that it helps if management...
Data Loss Prevention Tips
by Brian Petzold | Oct 19, 2018
We have been asked recently by several customers to look at the risk that data loss represents to an institution. It is an interesting journey each time because we are all conditioned by DLP (Data...
Moving From Reactive to Proactive Security
by Brian Petzold | Oct 12, 2018
Many institutions find themselves being reactive when it comes to security. They believe they are doing everything they need to, but one day an auditor or examiner walks in and points out...