EU GDPR demystified: a straight-forward guide for US firms (PART 1)

Posted by:

Ahhh GDPR, the EU General Data Protection Regulation (EU-GDPR), the new European data legislation that revamps 20-year-old data protection laws to align with our digital age. It’s a radical and unprecedented piece of legislation, whittled down to a whopping 99 Articles, categorised in 11 Chapters.

Ugh.

AS if 99 articles isn’t bad enough, the effective date is coming sooner than you think….. May 2018, less than a year away.

Some of you, we know, are facing it head on, grappling with how ...

Read More →
1

We’ve all got password fatigue, but are NIST’s new policies wise?

Posted by:

Ah the necessary evil of passwords.

Those of us who have worked in organizations that require users to change passwords at set intervals know what I mean.

Typically every three to six months, users are requested to perform a password change – maybe in the form of an annoying pop-up alert. In some setups, the user is lock out of the system until a new memorable password (but one that follows the complex password creation guidelines) is set.

A ...

Read More →
0

WannaCry’s Kill Switch won’t work for proxy users. Patch now.

Posted by:

News reports published this Monday morning claim the WannaCry ransomware worm managed to spread to 150 countries, with 200,000 computers successfully attacked.

The attackers, according to their Bitcoin accounts, seemed to have raked in  an initial fee of $300 to decrypt the files being held for ransom, but that is set to double in three days. 

Whatever they end up with (and here’s hoping it’s a criminal record) it seems like a measly return considering the impact this ransomware worm ...

Read More →
0

Cyber attack video simulations: NEVER trust default security settings again

Posted by:

If you work in an organization that values its digital data and a good relationship with suppliers, partners and customers, I am willing to bet you have a number of cyber defenses in place.

Your web access will be likely protected by a robust firewall. Your wireless can perhaps only be accessed via a unique login. Maybe you even encrypt data that you store.

I bet you also ensure vulnerabilities are patched regularly, and ...

Read More →
0

Trump’s budget blueprint: what’s it mean for cybersecurity?

Posted by:

Last week, we saw the release of the US’s 2018 budget blueprint.

Before I even read the document, I did a random search on some security-related keywords within the 2018 budget to see how many times each one showed up. I found the results rather revealing. Make of this what you will:

  • Cyber: 15
  • Security: 68 (5 of which refer to Homeland Security)
  • Attack: 4
  • Privacy: ...
Read More →
0

US border controls, electronic devices and privacy: what to think about

Posted by:

Since the new US president’s executive order, designed to improve screening and vetting procedures in the name of reducing illegal immigration and terrorist threats, privacy groups like the American Civil Liberties Union and Electronic Frontier Foundation (or the EFF) have voiced concerns about an increase in the number of invasive digital practices during border inspections.

In other words – privacy groups saying that more travellers are being asked to surrender their devices and passcodes are often.

The Privacy groups ...

Read More →
0

Why you can’t find a good CISO for love or money (but we have a solution…)

Posted by:

Are you one of those poor firms out there trying to hire some in-house cybersecurity expertise? Whomever you’re looking for – be it a senior representative, like CISO or CTO, or an IT administrator – we bet you’re having a hard time.

Even firms like TBG Security, where we can offer cutting-edge expertise, training and tools as well as a competitive remuneration packages, have to look really hard to find serious cybersecurity talent.

Want to know you ...

Read More →
0

NYDFS tweak proposed cybersecurity regulations; start date pushed back to 1 March 2017

Posted by:

Last September, TBG Security wrote a helpful blog article on the proposed cybersecurity regulations put forward by the the New York State Department of Financial Services (NYDFS).

The NYDFS aimed to have these new cybersecurity requirements (23 NYCRR 500) enforceable by 1 Jan 2017. However, last week, on the 28th of December, NYDFS issued the following press release, effectively delaying the launch date to March 1, 2017.  


Read More →
0

Want to be a cybersecurity hero this holiday? Here’s how.

Posted by:

Ahhh December 2016. It is that time of year again. Christmas and other holiday celebrations are just days and weeks away.

However you celebrate, whether you are planning the festive feast, travelling to a far-flung location, or madly getting your gifts ready, you’re likely to be with others: your family, your pals, your in-laws, your friends or work associates.

So we have a proposal for all you IT security-savvy types out there…Join TBG Security’s

IT Security Holiday Lock Down

Here is our ...

Read More →
0

“You Hacked.” Unexpected lessons from a ransomware attack on public services

Posted by:

You know it is a bad day when your computer screen blips up with this ransomware message:


“You Hacked, ALL Data Encrypted. Contact For Key (cryptom27@yandex.com)ID:681, Enter.”

But if the day is Black Friday, and your computer is part of a major US city’s municipal transit system, I think we can all agree that this constitutes a very, very, bad day indeed.

This was the ransomware message presented on hundreds of SFMTA (San Francisco’s transit agency) computer screens on Black Friday – 25 November.

The ...

Read More →
0
Page 5 of 7 «...34567
})
SEC Cybersecurity Exams