Wondering How to Prepare for a Ransomware Attack? Here Are 3 Steps


Do you feel confident your critical data will be recoverable in a ransomware attack? If not, your business could be in trouble. Ransomware attacks literally hold an organization’s data hostage. In the worst-case scenario, anything the hacker gets access to could be rendered completely inaccessible to you, bringing work to a stop, costing precious time and money, and potentially affecting lives. But there are ransomware prevention steps you can take to mitigate the risk of a ransomware attack having a devastating impact on your organization. Here are three ways to ensure you know how to prepare for a ransomware attack. 1. [...]

Wondering How to Prepare for a Ransomware Attack? Here Are 3 Steps2019-06-04T15:04:50-04:00

Ransomware: What It Is and How to Prevent It


Ransomware attacks are on the rise, with high-profile cases including attacks on Cleveland Hopkins Airport and the City of Akron showing just how devastating one of these attacks can be. The recent ransomware attack on Baltimore had widespread, long-lasting implications for both the government organization and individual residents. But what exactly is ransomware, and why are there so many attacks?  The term “ransomware” comes from the fact that hackers hold important data captive until payment is provided or another demand is met. Targeting organizations like hospitals, local and regional government, and other businesses, attackers go into a system or network, inject [...]

Ransomware: What It Is and How to Prevent It2019-06-04T15:13:38-04:00

Five Cost-Effective Information Security Solutions When the Budget Isn’t There


Up Your Information Security Without Breaking the Bank You know the drill. You spend days or weeks gathering data points, best practice references, conference notes, and recommendations for reporting security to the board. You put a great information security plan together for your organization and ask for the budget — only to get about half of it approved. It’s the great common paradox of corporate dictum: do more with less. When this happens (and it will), don’t get frustrated — get creative. Organizations have to run lean to survive and thrive, and when the financial allocation just isn’t there, we still [...]

Five Cost-Effective Information Security Solutions When the Budget Isn’t There2019-04-26T11:43:02-04:00

How to Report Information Security Metrics


You know gathering data and analyzing information security metrics is important. You probably know which ones you should be collecting. But now that you have all of the information you need, how do you put it into an intelligent, understandable, and effective report for stakeholders? There really is no right or wrong way at a granular level, but there are certainly best practices you can keep in mind to make sure you’ve got the right metrics telling the right story to the right people. Creating an Information Security Metric Report Start by defining a problem you’d like to solve or a [...]

How to Report Information Security Metrics2019-04-25T09:27:54-04:00

What Makes a Good Security Metric?


There’s really one way to determine whether or not your information security program is working — by collecting related data and analyzing it. But the most important factor to consider is which data to share. Data on its own is not going to tell a story and will leave most people frustrated with no more insight than they had before looking at it. We have tons of data at our fingertips, and any number of ways to arrange, report, and share them with stakeholders. But you’re not just looking to report any data — you’re looking to report metrics. What’s the [...]

What Makes a Good Security Metric?2019-04-25T09:19:17-04:00

How is Your Security Program Performing?


Why You Should Be Using Metrics to Measure and Demonstrate Success When it comes to cybersecurity, how do you know if your efforts are performing the way that you want them to? Usually, people might think their cybersecurity is performing well because nothing’s gone wrong yet, they haven’t experienced a data breach, or they haven’t been informed by a third party or regulator that it’s insufficient. However, this is a flawed way to look at your security program. If you really want to identify your strengths and weaknesses, you have to be able to understand the metrics that define cybersecurity success [...]

How is Your Security Program Performing?2019-04-25T09:30:03-04:00

Should You Hire a CISO In-House or Use a CISO for Hire?


You have someone in charge of accounting and finance, human resources, marketing and other departments, but what about information security? It’s a different area of focus above and beyond information technology. Having someone in charge of cybersecurity — typically a chief information security officer (CISO) — can help you manage and maintain your network and your security processes. However, finding someone to fill this role or replace a previous CISO is often more difficult than you might expect. Putting Someone in Charge of Your Information Security Will Make Your Business Safer Let’s imagine for a moment that your business experiences a [...]

Should You Hire a CISO In-House or Use a CISO for Hire?2019-02-14T15:11:18-04:00

The IR Plan: A Proactive First Step Toward Organization Security


Neglecting Your Incident Response (IR) Plan Could Lead to Disaster It seems like every month, another company comes forward to announce that their systems were breached. In February of 2018, it was FedEx. In March, it was Under Armour. In April, Kmart and Sears. In fact, since January 2017, 16 major retailers have experienced some form of significant data breach. If it can happen to them, it can happen to any organization, and it proves why effective IR plans are so crucial. […]

The IR Plan: A Proactive First Step Toward Organization Security2019-02-14T15:09:39-04:00