You know you need a risk assessment to show that you’re secure and to find the problems that expose your enterprise to risk. But how do you sell your CEO or the board on that expensive proposition?
Does your credit union lack the resources to hire or retain a full-time It Manager? Are your current IT expert(s) overwhelmed by their responsibilities? Have you ever wondered what virtual Chief Information Officer, vCIO as a service is? This post is for you! vCIO as a service is a unique approach to providing consultation around […]
Every organisation should take a fresh look at the impact specific cyber events can have and whether management’s response plan is properly oriented and sufficiently supported. This review includes an assessment of internal processes and capabilities to determine whether proactive steps should be taken to make necessary improvements — both near term and long term.
Control Frameworks must be regimented but flexible enough to tackle the risk that organisation faces. This aspect challenges the previous two control mechanisms.
Harvard Business Review (HBR) published an article on the security breaches with respect to what it means for the company. HBR stated, “Recent high-profile data breaches like those at Target and Home Depot have exposed the private sensitive information of millions of employees and consumers. While consumers are rightfully worried that their personal information may […]
All industries are affected by the threat from a Cyber-attack. These threats and the impact of an incident is increasing each year. There are many organisations that monitor the threat impact and a few that give frameworks for all of us to work towards. NIST, National Institute of Standards and Technology, NIST, based in USA. […]
Our vCIO service gives your organisation a competitive advantage because it gives you something that your business truly lacks: an expert opinion. Technology has become a major line item on your budget. If your organisation doesn’t have the on-staff technical expertise to direct or cost-effectively implement the technology solutions you need in a manner that […]
Life of a CIO, Chief Information Officer, Head of IT, and or basically the most knowledgeable IT person in the building on that day, is what I call being a responsible for your IT, go-to tech expert. I am partner with Mark Duffy and we work with our clients to understand their IT systems, computers, […]
This week we were on site with a client and asked the most important question “Do you have a backup that is removed each night?” Yes & didn’t know was the response. So if the building burn’s down, then your goose is cooked, you data and your business is gone, climbing Mount Everest will be […]
Understanding the risk What is the value of the information we hold (e.g. intellectual property, financial, strategic plans and other business critical information, customer/personal data)? What are our ‘crown jewels’ that need the most protection? What is the potential impact if this information is stolen or corrupted (e.g. reputational damage; damage to market value and […]
Threats to our information privacy, details and data are growing in intensity and sophistication on a daily basis. With this threat, organisations are beginning to gain awareness of these threats to information security, but provide limited budgets. Organisations must be specific on where they utilise their resources; financial, time and persons. You need to identify, […]
Ransomware is primarily about money, the ability of the ransomware author to get money from the victim with in a very short period of time. Phishing is the ability of a person to gain control to your system for the purpose of monetary, data or other information retrieval from your system. Immediate financial gain is […]
With Microsoft now phasing out passwords to focus on multi factor authentication. https://www.cnbc.com/2019/05/01/microsoft-ciso-bret-arsenault-wants-to-eliminate-passwords.html Having a 2FA approach is better, the password is the lock on the door and the 2FA is the deadbolt to your house. They make would be intruders look to see if the house next door is an easier target, but a […]
Today I was reminded by Flipboard to reset my password due to a cyber incident, over the weekend a similar email from another platform. We live in the world where anything that is on or connected to the internet is no longer secure, probably never was. We have to acknowledge that this is the modern […]
We are seeing a further growing gap between the technology environment we operate and our ability to understand and secure it. As we build automated processes and artificial intelligence into its services, this will, by definition, compound the problem; making the mitigation of attacks significantly more challenging.