Tips for getting your IT security budget approved

Posted by:

“Many boards now have a clear focus on information security risks. This is not always reflected across the broader organization. Security and risk management professionals must manage and defend security budgets to meet stakeholder expectations of protection.”

These words, published on the Gartner website, are frustratingly true for many firms out there.

CIOs oversee the accessibility, confidentiality and integrity of files and systems. This means they must introduce new and maintain old systems, ensuring everyone can who ...

Read More →
0

We’ve all got password fatigue, but are NIST’s new policies wise?

Posted by:

Ah the necessary evil of passwords.

Those of us who have worked in organizations that require users to change passwords at set intervals know what I mean.

Typically every three to six months, users are requested to perform a password change – maybe in the form of an annoying pop-up alert. In some setups, the user is lock out of the system until a new memorable password (but one that follows the complex password creation guidelines) is set.

A ...

Read More →
0

NYDFS tweak proposed cybersecurity regulations; start date pushed back to 1 March 2017

Posted by:

Last September, TBG Security wrote a helpful blog article on the proposed cybersecurity regulations put forward by the the New York State Department of Financial Services (NYDFS).

The NYDFS aimed to have these new cybersecurity requirements (23 NYCRR 500) enforceable by 1 Jan 2017. However, last week, on the 28th of December, NYDFS issued the following press release, effectively delaying the launch date to March 1, 2017.  


Read More →
0

NYDFS propose new cybersecurity regulations, effective Jan 1 2017. Here’s what you need to know

Posted by:

Last month, the New York State Department of Financial Services (NYDFS) put forward a proposed regulation designed to impose new rigorous cybersecurity requirements on banks, consumer lenders, money transmitters, insurance companies as well as some financial service providers in New York State.

The State has indicated that securing both New York’s financial services firms and its consumers is the main priority. The aim is to lower the risk posture in light of ...

Read More →
0

Yes, turning on multi-factor authentication (aka 2FA) is really important

Posted by:

When you work within an industry like IT security, you can sometimes get blindsided. Perhaps you feel untouchable by the bad stuff out there, simply because you know it exists, and you know how to secure against it.

Here’s a good example: many who are knowledgeable about IT security KNOW that multi-factor authentication (2FA) is a vital security measure, yet many haven’t turned it on for the majority of their apps (not that all apps offer 2FA, and you should reconsider ...

Read More →
0
})
SEC Cybersecurity Exams