The Shift to Remote Worker Access & Its Security Implications

Most, if not all, organizations have no doubt by now been impacted by the recommendations and requirements surrounding COVID-19. As organizations struggle to manage their staff and how they interact with each other—and clients—the pressure for remote access continues to [...]

The Shift to Remote Worker Access & Its Security Implications2020-03-25T14:37:46-07:00

Ransomware recovery at Las Vegas casinos

We have been involved in a lot of different ransomware rescues. Here is a new one, gambling casinos. Yes, it turns out some casinos are just as vulnerable as the rest of the business population. Even some of the casinos with [...]

Ransomware recovery at Las Vegas casinos2020-03-27T12:38:43-07:00

SMBs are at a significant risk of cyberattacks

Cyberattacks are becoming an increasing risk for SMB owners. Unfortunately, the majority think they are immune to these attacks and continue using free cybersecurity software. It’s only when it becomes too late, and when the company is already victimized by [...]

SMBs are at a significant risk of cyberattacks2020-03-27T12:41:33-07:00

The Evolution of Ransomware: How to Stay Protected

What is Ransomware? Ransomware is a tradename for potentially entity killing malware of a variety of classes. In general, the cybercriminals infect computers with malware that can spread and take over an organization’s entire computing environment, from desktops and laptops [...]

The Evolution of Ransomware: How to Stay Protected2020-03-27T12:46:34-07:00

The Importance of Third-Party Software Patching

And Why Executives Should Care... Threats to network security seem to get announced weekly. Global ransomware attacks like WannaCry cause havoc around the world and billions of dollars in losses. Businesses are actually shuttering due to network attacks that disable, [...]

The Importance of Third-Party Software Patching2020-03-27T16:44:21-07:00

Imran Awan case shows lax security controls for Congressional IT staff

By Kevin McDonald Investigations into the conduct of the IT staff of the House of Representatives raised alarms. Kevin McDonald explains what we can learn from the case of Imran Awan. Those who operate with high-level system access, [...]

Imran Awan case shows lax security controls for Congressional IT staff2019-12-13T12:32:16-08:00

I Am a Non-Technical Executive… What Seven Things Should I Be Asking My IT Guys About IT Security?

Irvine, CA - Overseeing IT and security is a daunting task, even if you are an IT professional. If you are an executive to whom IT reports, then the task becomes near impossible. The list of following questions is designed to empower you to have a meaningful discussion with your IT team so you can be an informed and responsible manager pursuing your due diligence role in protecting the assets of your firm. If you are an IT professional, these are questions you should be prepared to answer.

1.       Q. When did we last do a risk assessment? Please share that document with me. I would particularly like to see the Risk Assessment Table.

A.      Make sure your IT team is periodically assessing the risks to your IT systems.  They should be recommending upgrades and new solutions for you from time-to-time, and you should be listening.  They need to be able to express the threat in operational and economic terms in order to justify the expenditure.  If your team can’t give you a clear and coherent answer on when and how they last did this, send them off with a task and a deadline.

2.       Q. When did we last do a Vulnerability Scan? What were the results of that scan? I would like to see the report.  Who did the remediation? When is our next scan planned?...

I Am a Non-Technical Executive… What Seven Things Should I Be Asking My IT Guys About IT Security?2017-11-13T07:21:50-08:00

What nineteen audiences in twelve months taught me?

Navigating Fear in the Security and Compliance World

In advancing technology it is fear of having a project go sideways, over budget or fail to accomplish the stated objective that has many frozen. What if that technology we recommend doesn’t work as we hope? What if it is something required by law (such as encryption in healthcare) that we fear an unknown outcome so much that we won’t act? What if we miss a key component of a project or underestimate the effort required and the entire project goes over our budget?

What nineteen audiences in twelve months taught me?2014-12-17T23:02:14-08:00

Senate Passes Retroactive Tax Relief Under Section 179

This is one time you may want to make a quick call to your accountant, then order up some of those infrastructure items you are putting off. A bill known as “tax extenders” if signed by the president will reinstate Section 179 tax [...]

Senate Passes Retroactive Tax Relief Under Section 1792014-12-17T22:47:22-08:00
Load More Posts