Sitemap – TBG Security – CyberSecurity Consulting

Pages

RISK & COMPLIANCERisk and Compliance Solutions
- Comprehensive Compliance Solutions
- Regulatory Compliance Assessments
- Privacy Services
PENETRATION TESTINGOffensive Security Services
- Penetration Testing Services
- Offensive Security Services
Information SecurityCybersecurity Consulting Services
- Information Security Consulting
- Incident Response Solutions
  - Incident Response Services
  - Incident Response Plan Creation Services
- Splunk Solutions
  - Our Services For Splunk
Cloud SecurityCloud Security Services
AboutTBG Security
- Who We Are
- Solutions For
- TBG Blog Posts
  - Our Blog Posts
- Extra Stuff

Posts

Kaseya and REvil: two sides of the supply-chain risk story
IoT device makers wanting to better security standards
Hafnium and SolarWinds shake up attitudes to supply chain risk management
Takeaways from the British Mensa Security Drama
Remember Online Scams Target Businesses Too
2020 Holiday Infosecurity advice for the people in your life
Information Security Policies: Knowing Who and How to Trust
Are Your IT Security Insides Troubling You?
Making Vendor Risk Management Part of Your Security Strategy
How the pandemic changed everything and nothing
Examining the How of NIST Privacy
NIST Privacy Framework – Your Foundation for Future Privacy Compliance
Are You in the Dark About Visibility?
CCPA is now in effect. What you need to do about it
Ransomware Going Nowhere – Healthcare Beware!
TBG Data Breaches Part 2: It’s not (necessarily) your fault
Why bother hacking when firms keep leaving the doors wide open?
Lockdown Chaos and Compliance: Better and Faster with CISO On Demand
Zoom: How to Avoid Cyber Security Video Conferencing Pitfalls
Phishing is a Popular Hobby for Coronavirus Scammers
Virgin Media and Not-Quite-Best-Practice Incident Reporting
Coronavirus And The Sudden Remote Worker Cybersecurity Problem – 5 Things to Consider
Recognizing and Beating the Coronavirus Scammers
Backup Strategy in six points (and a free mnemonic)
Assessing your risk in the New Year
(Internet of) Things Change, and Not Always for the Better
Security Benefits and Perils of Serverless Computing
The current state of privacy laws in the USA 2020: what you need to know
How to evidence your way thru compliance
Why it is high time to consider a CISO on demand
Isn’t it time we talk seriously about a nation-wide Privacy Act?
How to avoid nasty flies in your bug bounty program
Take aways from the NASA Raspberry Pi “incident”
The ins and outs of single sign on
The Delicate OpSecs needed to secure Supply Chains
Securing IoT can make profitable sense to any company
CCPA vs GDPR – what you need to know
DevSecOps: an intro on why you need it
Should C-level Bonuses Be Tied To Cybersecurity Posture?
How the US government shutdown damages cybersecurity for everybody
2019: What to expect in cybersecurity this year
Are employees really the weakest link in your cyber-defense strategy?
Will blockchain transform supply chain management?
Pen Tests and Red Teams are NOT the same
Penetration Tests: Why It Stops Trouble Before It’s Too Late
The Big Case for Multi-Factor Authentication: October Cybersecurity Awareness Month
Top Five Data Breaches of Summer 2018
Top five IT security threats AND what you can do about them
Supply Chain attacks: 80% of senior IT professionals say it’s fastest growing cyberthreat
Cryptomining overtakes Ransomware as leading malware and cause of headaches for IT
U.S. and China trade wars: What’s the likely impact on information security?
Cryptomining – How Prevalent Is It And How To Stop It
Some useful advice for newly-appointed CIOs and CISOs
Blockchain – not just for cryptocurrencies, and not guaranteed secure
Yes, the passwords users choose *really* matters
Vulnerability Assessment, Penetration Testing and Red Teams Explained
Meet CIS RAM: the new balanced infosecurity framework
What is an information security framework and why do I need one?
The truth about managing Supply Chain risk? It’ not easy
GDPR: The big myth that could slide US firms into hot water.
Blockchain: Can it secure the Internet?
Convincing executive stakeholders that even the tiniest cyber-incident can lead to big disasters.
Cybersecurity budget: CISO advice for getting your Board of Directors to take notice
Cybersecurity predictions 2018: 5 key infosecurity trends to watch out for
Takeaways from 2017’s worst cyber hacks, data leaks and breaches
What to do with the last of your 2017 cyber security budget?
Getting ahead of a new breed of Ransomware
IoT Developers: checklist for building more secure Smart Devices.
Before you buy or connect a smart device (IoT), read this!
CISOs, Do you have enough resources to do your jobs? No, we didn’t think so.
Lessons learned from the Equifax Breach – Part 2
Lessons learned from the Equifax Breach – Part 1
Top 4 cybersecurity headaches plaguing Financial Services Institutions
Tips for getting your IT security budget approved
When cheaper is not better: a quick guide to penetration tests
How to hire a good CISO: a short – but informative – guide
EU GDPR demystified: a straightforward checklist for US firms (PART THREE)
Petya or NotPetya – How It Spreads And What To Do About It
EU GDPR demystified: a straightforward reference guide for US firms (PART TWO)
EU GDPR demystified: a straight-forward guide for US firms (PART 1)
We’ve all got password fatigue, but are NIST’s new policies wise?
WannaCry’s Kill Switch won’t work for proxy users. Patch now.
Everything You Need To Know About WannaCry – Right Now
Cyber attack video simulations: NEVER trust default security settings again
Trump’s budget blueprint: what’s it mean for cybersecurity?
US border controls, electronic devices and privacy: what to think about
Why you can’t find a good CISO for love or money (but we have a solution…)
NYDFS tweak proposed cybersecurity regulations; start date pushed back to 1 March 2017
Want to be a cybersecurity hero this holiday? Here’s how.
“You Hacked.” Unexpected lessons from a ransomware attack on public services
Cybersecurity in Trumpville: the facts so far (and a few predictions…)
NYDFS propose new cybersecurity regulations, effective Jan 1 2017. Here’s what you need to know
IoT and DDOS: security advice following the Marai botnet attack on Brian Krebs
Offensive Security Unbound: introducing Red Team Service
Yes, turning on multi-factor authentication (aka 2FA) is really important
Social engineering series: the psychological norms exploited by fraudsters
Ransomware: expert prevention and mitigation advice
Want to outsource your IT security? 43 questions to ask
Is outsourcing your IT security right for your organization?
How to provide IT security training that works
Are legacy apps lurking on your network?
TBG Security secures top placement in the Palmetto Cyber Defense Competition
Addressing the PEBCAK scenario: protecting systems against rogue employees (PART 2)
The PEBCAK scenario: securing systems against non-malicious employees
How to get stakeholder ‘buy in’ for regular penetration testing
Penetration testing: Don’t caught with your pants down
OCIE’s Cybersecurity exams 2016: what you need to know now
Three BIG security threat predictions for 2016: Make sure you are covered!
3 of 4 Companies Experience Internal Information Security Incidents
Hackers Steal Trading Algorithms From Hedge Funds
Password Sharing And Reuse Prevalent In Enterprise: STUDY
SEC Publishes Cybersecurity Exam Results – Infographic
New Cybersecurity Exam Process For New York Banks
SEC Could Pressure Companies To Tighten CyberSecurity
SEC Exam Chief Plans Cybersecurity Guidance For Advisors
The Top Healthcare Breaches of 2014 – Infographic
Winshock – Microsoft fixes ’19-year-old’ bug with emergency patch
Shell Attack On Your Server: Bash Bug ‘CVE-2014-7169’ and ‘CVE-2014-6271’
Customers Are Unlikely To Do Business With Companies After Data Breach
Incident Response: Looking Beyond the Breach
14 Ways To Protect Yourself From Identity Theft
How to Delete Personal Information And Other Files Permanently From Your Computer
Best Practices for Avoiding Costly Data Breaches
FFIEC Cybersecurity Assessments Begin
10 Things You Probably Didn’t Know About Identity Theft
1/3 Of Cyber Attacks Take Hours To Detect
Winning Support for Data Breach Prevention
8 Numbers Identity Thieves Want to Steal From You
eBay Data Breach Response – How Not to Handle a Crisis
WordPress Cookie Flaw Lets Hackers Hijack Your Account
50% Of Security Professionals Do Not Secure Their Mobile Devices
The History Of Hacking – Timeline Of Hacking Techniques [Infographic]
Cybersecurity Threats – Don’t Forget Employees
Enterprise Penetration Testing In The Palm Of Your Hand
SEC Provides Guidance on CyberSecurity Exams
Is Dropbox Leaking Your Sensitive, Personal Information?
Covert Redirect Is Just a Flaw It’s Not Another Heartbleed
Microsoft Releases Patch For Zero Day Vulnerability (CVE-2014-1776) Including Patch For XP
Compliance: Why You Can’t Afford To Stay With Windows XP
Fix For Internet Explorer Security Flaw – Zero-day Internet Explorer Vulnerability (CVE-2014-1776)
Microsoft Internet Explorer Security Bug Could Impact Millions of Users
OCR Fines Two Organizations Nearly $2M Over Health Data Breaches
2014 Data Breach Investigations Report Shows Some Alarming Trends
9 Things You Need to Know Before You Store Data in the Cloud
Kentucky Enacts a Data Breach Notification Law and Protects Student Data in the Cloud
SEC to Launch Cybersecurity Exams
Heartbleed: Researchers Claim That 95% Of Detection Tools Are Flawed
New Red Herring Honeypot Fights Heartbleed
Akamai Heartbleed Patch – Not So Much!
Heartbleed: Gov. Agencies Respond
Heartbleed Bug – Open SSL Vulnerability Solution
Real Threats in Real Time: Kaspersky Lab Launches Worldwide Interactive Cyberthreat Map
Small Business Data Breach: Mitigating the Damage
SEC Struggles on Cyber-Security
Target CFO Grilled in Senate Hearing
Solving Cloud Security Will Open Adoption Floodgates
Big Data Analytics: Is It The Future Of IT Security?
Improving Security via Proper Network Segmentation
Electronic data breach bill advances in Kentucky Senate
Morrisons employee arrested in Leeds in connection with massive pay-roll breach – Techworld.com
How to Defend Against Identity Theft This Tax Season
Why Did Target Ignore Retail Hack Warning Signs?: Video
Social engineering attacks: Is security focused on the wrong problem?
PCI DSS v3.0 Goes Into Effect January 1, 2014 – Are You Ready?
Interactive Data Breach Chart Shows Security Flaws Rising
Cyber criminals capitalize on news of Boston bombing
BYOD – Bring Your Own Device – Good Idea?
3.6 Million South Carolina Social Security Numbers Stolen
Massachusetts group to pay $1.5M HIPAA settlement
Are Fax Transmissions Covered Under 201 CMR 17.00?
The 201 CMR 17.00 Compliance Deadline of March 1, 2010 Is Rapidly Approaching.
Getting Ready For 201 CMR 17.00

Contact

Email: Kevin@tbgsecurity.com
Mobile: 781.820.9032