• Blog

  • Risk Appetite Statement Importance

    A risk appetite statement is important for CISO to align security with the business goals. The problem is many organizations don't have a risk appetite statement or know how to establish one.You can start the risk appetite creation process by starting with a financial statement. The financial [...]

    Read more

    Post Breach Lessons Learned

    September 8, 2021
    Post Breach Lessons Learned

    The post breach lessons learned is an important part of recovering from a breach. The lessons learned phase is actually part of the PICERL model for incident response. We have seen a trend over the year of breached organizations skipping this step entirely.The incident response process has [...]

    Read more

    Tracking Wifi Enabled Vehicles

    Tracking your wifi enabled Vehicle might not have been something you considered when you purchased that new car that came with a wifi hotspot. More and more cars are coming with this feature and I started to look closer at the possibilities of tracking a vehicle's movements based on the SSID and [...]

    Read more

    10 Things to Prevent Ransomware

    Ransomware is at the top of most organization's concerns when it comes to cybersecurity. It's not so much that there is a ransomware problem, it's that there is a basic information security controls problem.There are some basic things you can do to prevent a ransomware attack on your [...]

    Read more

    Casino Ransomware Attacks

    Casino ransomware attacks have been making the headlines lately. Our very own CEO, Catherine Sullivan, was recently interviewed by News 9 in Oklahoma City about the impact of ransomware on the average consumer.We have worked a number of related ransomware and other incidents with casinos and [...]

    Read more

    Cloud Security Part III

    Security in the Cloud is a three part series about how to better protect your organization's digital assets in the cloud. This is a continuation from part two of the series.Cloud DefensesScan for Unauthorized Connections across Trusted Network Boundaries. This means having the appropriate [...]

    Read more

    Digital Forensics for Law Enforcement

    Digital forensics for law enforcement agencies is an initiative we started because be saw that many agencies are underfunded from a technology perspective. This results in dated equipment, lack of staff, and no budget for training.As part of this initiative we offer free workshops and [...]

    Read more

    Cloud Security Part II

    Security in the Cloud is a three part series about how to better protect your organization's digital assets in the cloud. This is a continuation from part one of the series.Malware Defenses in the CloudMalware defense is still an important consideration in cloud environments. Systems can [...]

    Read more

    Security in the Cloud Part I

    Security in the Cloud can be difficult to understand for some organizations. There are some security benefits with moving to cloud architectures, but there are also risks organizations should be aware of.Moving to the cloud doesn't automatically mean more "security". One of the problems here is[...]

    Read more

    Data Governance Programs

    Data Governance Programs are important for controlling the data your organization processes, produces, and stores. Data is the greatest risk today in most organizations and is also the currency on which many organizations operate.Your data can be centralized in a certain location like a file [...]

    Read more

    1 of page 6