Most have heard about the 2013 Target Data Breach. You know, the one that exposed the payment card data of over 40 million customers, resulted in the CEO resigning, and cost Target $252 million. Well did you know that the initial data breach leveraged credentials stolen from there Heating and Air Conditioning vendor? Of course there […]
So you just decided to pull the trigger and purchase that shiny new penetration test you’ve had your eye on for a while. You got organizational buy-in, a check has been cut, and you’re ready to see the vulnerabilities on your network and make some meaningful changes. But what exactly comes next? How do we […]
Perhaps an employee in your organization finds out that he or she is about to be fired and goes on a hacking spree. Or maybe Sally from accounting (sorry Sally) is always clicking on links that she receives in emails and you want to determine the risk to your network associated with that. An internal […]
In it’s most basic form, a penetration test is a skilled ethical hacker who is contracted to attempt to break into your organization and tell you what to fix. This will hopefully prevent a malicious actor from doing the same thing. With that being said, there are many different types of penetration tests. There are […]
On February 16th, 2017, the New York Department of Financial Services (NYDFS) released the NYDFS Cybersecurity Regulation (23 NYCRR 500). This regulation lays out a new set of cybersecurity requirements for all covered financial institutions. With this enactment, NY became the first state to implement comprehensive cybersecurity regulations. Our hope is that other states will […]
One of the biggest gaps I see in information security is that organization’s spend the majority of their budget on securing the perimeter of their network, and fail to consider the impact of social engineering. Think about it, how much has your organization spent on a firewall? Do you have an IPS? How about a […]
