Posts
- Hafnium and SolarWinds shake up attitudes to supply chain risk management
- Takeaways from the British Mensa Security Drama
- Remember Online Scams Target Businesses Too
- 2020 Holiday Infosecurity advice for the people in your life
- Information Security Policies: Knowing Who and How to Trust
- Are Your IT Security Insides Troubling You?
- Making Vendor Risk Management Part of Your Security Strategy
- How the pandemic changed everything and nothing
- Examining the How of NIST Privacy
- NIST Privacy Framework – Your Foundation for Future Privacy Compliance
- Are You in the Dark About Visibility?
- CCPA is now in effect. What you need to do about it
- Ransomware Going Nowhere – Healthcare Beware!
- TBG Data Breaches Part 2: It’s not (necessarily) your fault
- Why bother hacking when firms keep leaving the doors wide open?
- Lockdown Chaos and Compliance: Better and Faster with CISO On Demand
- Zoom: How to Avoid Cyber Security Video Conferencing Pitfalls
- Phishing is a Popular Hobby for Coronavirus Scammers
- Virgin Media and Not-Quite-Best-Practice Incident Reporting
- Coronavirus And The Sudden Remote Worker Cybersecurity Problem – 5 Things to Consider
- Recognizing and Beating the Coronavirus Scammers
- Backup Strategy in six points (and a free mnemonic)
- Assessing your risk in the New Year
- (Internet of) Things Change, and Not Always for the Better
- Security Benefits and Perils of Serverless Computing
- The current state of privacy laws in the USA 2020: what you need to know
- How to evidence your way thru compliance
- Why it is high time to consider a CISO on demand
- Isn’t it time we talk seriously about a nation-wide Privacy Act?
- How to avoid nasty flies in your bug bounty program
- Take aways from the NASA Raspberry Pi “incident”
- The ins and outs of single sign on
- The Delicate OpSecs needed to secure Supply Chains
- Securing IoT can make profitable sense to any company
- CCPA vs GDPR – what you need to know
- DevSecOps: an intro on why you need it
- Should C-level Bonuses Be Tied To Cybersecurity Posture?
- How the US government shutdown damages cybersecurity for everybody
- 2019: What to expect in cybersecurity this year
- Are employees really the weakest link in your cyber-defense strategy?
- Will blockchain transform supply chain management?
- Pen Tests and Red Teams are NOT the same
- Penetration Tests: Why It Stops Trouble Before It’s Too Late
- The Big Case for Multi-Factor Authentication: October Cybersecurity Awareness Month
- Top Five Data Breaches of Summer 2018
- Top five IT security threats AND what you can do about them
- Supply Chain attacks: 80% of senior IT professionals say it’s fastest growing cyberthreat
- Cryptomining overtakes Ransomware as leading malware and cause of headaches for IT
- U.S. and China trade wars: What’s the likely impact on information security?
- Cryptomining – How Prevalent Is It And How To Stop It
- Some useful advice for newly-appointed CIOs and CISOs
- Blockchain – not just for cryptocurrencies, and not guaranteed secure
- Yes, the passwords users choose *really* matters
- Vulnerability Assessment, Penetration Testing and Red Teams Explained
- Meet CIS RAM: the new balanced infosecurity framework
- What is an information security framework and why do I need one?
- The truth about managing Supply Chain risk? It’s not easy
- GDPR: The big myth that could slide US firms into hot water.
- Blockchain: Can it secure the Internet?
- Convincing executive stakeholders that even the tiniest cyber-incident can lead to big disasters.
- Cybersecurity budget: CISO advice for getting your Board of Directors to take notice
- Cybersecurity predictions 2018: 5 key infosecurity trends to watch out for
- Takeaways from 2017’s worst cyber hacks, data leaks and breaches
- What to do with the last of your 2017 cyber security budget?
- Getting ahead of a new breed of Ransomware
- IoT Developers: checklist for building more secure Smart Devices.
- Before you buy or connect a smart device (IoT), read this!
- CISOs, Do you have enough resources to do your jobs? No, we didn’t think so.
- Lessons learned from the Equifax Breach – Part 2
- Lessons learned from the Equifax Breach – Part 1
- Top 4 cybersecurity headaches plaguing Financial Services Institutions
- Tips for getting your IT security budget approved
- When cheaper is not better: a quick guide to penetration tests
- How to hire a good CISO: a short – but informative – guide
- EU GDPR demystified: a straightforward checklist for US firms (PART THREE)
- Petya or NotPetya – How It Spreads And What To Do About It
- EU GDPR demystified: a straightforward reference guide for US firms (PART TWO)
- EU GDPR demystified: a straight-forward guide for US firms (PART 1)
- We’ve all got password fatigue, but are NIST’s new policies wise?
- WannaCry’s Kill Switch won’t work for proxy users. Patch now.
- Everything You Need To Know About WannaCry – Right Now
- Cyber attack video simulations: NEVER trust default security settings again
- Trump’s budget blueprint: what’s it mean for cybersecurity?
- US border controls, electronic devices and privacy: what to think about
- Why you can’t find a good CISO for love or money (but we have a solution…)
- NYDFS tweak proposed cybersecurity regulations; start date pushed back to 1 March 2017
- Want to be a cybersecurity hero this holiday? Here’s how.
- “You Hacked.” Unexpected lessons from a ransomware attack on public services
- Cybersecurity in Trumpville: the facts so far (and a few predictions…)
- NYDFS propose new cybersecurity regulations, effective Jan 1 2017. Here’s what you need to know
- IoT and DDOS: security advice following the Mirai botnet attack on Brian Krebs
- Offensive Security Unbound: introducing Red Team Service
- Yes, turning on multi-factor authentication (aka 2FA) is really important
- Social engineering series: the psychological norms exploited by fraudsters
- Ransomware: expert prevention and mitigation advice
- Want to outsource your IT security? 43 questions to ask
- Is outsourcing your IT security right for your organization?
- How to provide IT security training that works
- Are legacy apps lurking on your network?
- TBG Security secures top placement in the Palmetto Cyber Defense Competition
- Addressing the PEBCAK scenario: protecting systems against rogue employees (PART 2)
- The PEBCAK scenario: securing systems against non-malicious employees
- How to get stakeholder ‘buy in’ for regular penetration testing
- Penetration testing: Don’t get caught with your pants down
- OCIE’s Cybersecurity exams 2016: what you need to know now
- Three BIG security threat predictions for 2016: Make sure you are covered!
- 3 of 4 Companies Experience Internal Information Security Incidents
- Hackers Steal Trading Algorithms From Hedge Funds
- Password Sharing And Reuse Prevalent In Enterprise: STUDY
- SEC Publishes Cybersecurity Exam Results – Infographic
- New Cybersecurity Exam Process For New York Banks
- SEC Could Pressure Companies To Tighten CyberSecurity
- SEC Exam Chief Plans Cybersecurity Guidance For Advisors
- The Top Healthcare Breaches of 2014 – Infographic
- Winshock – Microsoft fixes ’19-year-old’ bug with emergency patch
- Shell Attack On Your Server: Bash Bug ‘CVE-2014-7169’ and ‘CVE-2014-6271’
- Customers Are Unlikely To Do Business With Companies After Data Breach
- Incident Response: Looking Beyond the Breach
- 14 Ways To Protect Yourself From Identity Theft
- How to Delete Personal Information And Other Files Permanently From Your Computer
- Best Practices for Avoiding Costly Data Breaches
- FFIEC Cybersecurity Assessments Begin
- 10 Things You Probably Didn’t Know About Identity Theft
- 1/3 Of Cyber Attacks Take Hours To Detect
- Winning Support for Data Breach Prevention
- 8 Numbers Identity Thieves Want to Steal From You
- eBay Data Breach Response – How Not to Handle a Crisis
- WordPress Cookie Flaw Lets Hackers Hijack Your Account
- 50% Of Security Professionals Do Not Secure Their Mobile Devices
- The History Of Hacking – Timeline Of Hacking Techniques [Infographic]
- Cybersecurity Threats – Don’t Forget Employees
- Enterprise Penetration Testing In The Palm Of Your Hand
- SEC Provides Guidance on CyberSecurity Exams
- Is Dropbox Leaking Your Sensitive, Personal Information?
- Covert Redirect Is Just a Flaw It’s Not Another Heartbleed
- Microsoft Releases Patch For Zero Day Vulnerability (CVE-2014-1776) Including Patch For XP
- Compliance: Why You Can’t Afford To Stay With Windows XP
- Fix For Internet Explorer Security Flaw – Zero-day Internet Explorer Vulnerability (CVE-2014-1776)
- Microsoft Internet Explorer Security Bug Could Impact Millions of Users
- OCR Fines Two Organizations Nearly $2M Over Health Data Breaches
- 2014 Data Breach Investigations Report Shows Some Alarming Trends
- 9 Things You Need to Know Before You Store Data in the Cloud
- Kentucky Enacts a Data Breach Notification Law and Protects Student Data in the Cloud
- SEC to Launch Cybersecurity Exams
- Heartbleed: Researchers Claim That 95% Of Detection Tools Are Flawed
- New Red Herring Honeypot Fights Heartbleed
- Akamai Heartbleed Patch – Not So Much!
- Heartbleed: Gov. Agencies Respond
- Heartbleed Bug – Open SSL Vulnerability Solution
- Real Threats in Real Time: Kaspersky Lab Launches Worldwide Interactive Cyberthreat Map
- Small Business Data Breach: Mitigating the Damage
- SEC Struggles on Cyber-Security
- Target CFO Grilled in Senate Hearing
- Solving Cloud Security Will Open Adoption Floodgates
- Big Data Analytics: Is It The Future Of IT Security?
- Improving Security via Proper Network Segmentation
- Electronic data breach bill advances in Kentucky Senate
- Morrisons employee arrested in Leeds in connection with massive pay-roll breach – Techworld.com
- How to Defend Against Identity Theft This Tax Season
- Why Did Target Ignore Retail Hack Warning Signs?: Video
- Social engineering attacks: Is security focused on the wrong problem?
- PCI DSS v3.0 Goes Into Effect January 1, 2014 – Are You Ready?
- Interactive Data Breach Chart Shows Security Flaws Rising
- Cyber criminals capitalize on news of Boston bombing
- BYOD – Bring Your Own Device – Good Idea?
- 3.6 Million South Carolina Social Security Numbers Stolen
- Massachusetts group to pay $1.5M HIPAA settlement
- Are Fax Transmissions Covered Under 201 CMR 17.00?
- The 201 CMR 17.00 Compliance Deadline of March 1, 2010 Is Rapidly Approaching.
- Getting Ready For 201 CMR 17.00
Contact
Email: Kevin@tbgsecurity.com
Mobile: 781.820.9032