Regarding Security Breaches and Passwords
Two of the most frequently asked questions that come across my desk are “Do I need to worry about the ‘fill in the blank’ security
Why Private Equity Firms Need to Include Cybersecurity in Their Due Diligence Process
The threat of a cybersecurity breach is often overlooked in the chaos of an acquisition, despite the potential risk such breaches can have on the
Best Wireless Security Practices While Traveling
Today’s modern workforce is mobile. Whether it is an out-of-town business trip or simply a quick visit across town to meet with colleagues or clients,
Meeting PCI DSS Requirements Using a DevOps Model
The Payment Card Industry Data Security Standard (PCI DSS) is a set of compliance requirements against which merchants, payment gateways, issuers and other organizations who
What Is Mobile Phone Tabnabbing and How Can I Prevent It?
Tabnabbing is a type of social engineering attack where a hacker replaces the contents of a dormant browser tab with a spoofed website intended to
Stop Security Threats Before They Start
Like it or not every company deals with security threats on a regular basis. Some companies focus on remediation and cleanup, while others focus on
New Office 365 Feature: Attack Simulator for Office 365 Threat Intelligence
As sad as it sounds, Sikich has been involved in many breach remediation efforts related to Office 365. Not that the infrastructure or service was
How to Use PowerShell to Report Active User and Computer Accounts
It is best practice to periodically review the security accounts held in Active Directory so that inactive accounts can be disabled or deleted. This regular
Obtaining GDPR Compliance with Dynamics 365
On May 25, 2018, the General Data Protection Regulation (GDPR) privacy law for Europe will go into effect and set a new global standard regarding
A Risk-Based Approach to Maximizing Security Control Investments
Buying the latest and greatest, best-of-breed security solutions without employing a risk-based approach to security is not a sound strategy for an information security program.
Protecting Yourself Against Data Breaches
As an advisor to middle-market businesses, I have become increasingly aware of the new risks that face our business owners, one of which is the
Vulnerability Scanning Scope – The ASV Program Guide and Sampling
When you’re wading into the external vulnerability scanning requirement of the Payment Card Industry Data Security Standard (PCI DSS), the most frequent question we hear
The Azure Response to the Recent Meltdown/Spectre Intel Security Vulnerability
In case you hadn't heard, Intel recently revealed on January 3, 2018 two critical vulnerabilities they found in Intel chips. These vulnerabilities allow cyber-attackers to steal
What to Do If You’ve Experience a System Breach
The moments after you have experienced a breach are of the utmost importance and can significantly impact your organization and the effectiveness of a
A Practical Application of Enterprise Mobility Protection
Companies of all types and sizes are becoming targets for all types of bad actors from the mischievous to the criminal. Solutions exist to offer
Create a Secure Password Policy for Your Organization
Passwords are an essential part of security at any organization and an important element in preventative measures to keep hackers from getting in the door
Non-Listed Encryption Solution Assessment (NESA) Documentation
The Payment Card Industry Security Standards Council (PCI SSC) previously released guidance that allows Qualified Security Assessor for Point-to-Point Encryption (QSA (P2PE)) companies to complete a document related to a non-listed
Getting People and Productivity to Rock with Office 365
Over the last 12 to 18 months, the concerns that business and IT managers voice when they think about the cloud have changed. It used
2017 Manufacturing Report: Automation and Cyber Security Remain Top Priorities
2017 Manufacturing Report How vulnerable are most companies to cyber attack? Find out in this new report. Also, track trends like the
The WannaCry Ransomware Attack: What Does It Mean to You?
Reports on cyber security risks are in the news nearly every day, and there are no signs of attacks slowing down. In recent years, it
