May 2017 Blog Posts (18)

A strategy is but a hypothesis

I have facilitated countless workshops for executive teams. Sometimes we kick goals because the exec team have done their homework and really know their business and the challenges they face. They have done enough of the hard-smart work to know what they need to tackle and now they are working through the options and determining the best path forward.

Then there are the ones that have not done their homework. The formation of strategy appears based on hope or…

Added by Bryan Whitefield on May 31, 2017 at 2:12am — No Comments

Hire an Ethical Hacker NOW!

You might think it’s crazy to actually hire a hacker, but if you don’t have an ethical hacker on your security team, you could be playing a dangerous game.

Ethical hackers are called “white hat hackers” and are legal hackers that help businesses find security problems in their networks. Developer and security teams, who build out code, should have a white hat hacker on their side. This way, they will know from the start if the code is vulnerable. This is also known…

Added by Robert Siciliano on May 30, 2017 at 4:32pm — No Comments

Symantec ISTR 2017

Symantec recently released its latest Internet Security Threat Report (ISTR). If you are not familiar with this report it provides a global snapshot of the state of internet threats. It examines Targeted Attacks; Email: Malware, spam & phishing; Web attacks, toolkits, & exploiting vulnerabilities online; Cyber Crime and the underground economy; Ransomware: extorting businesses & consumers; New frontiers: Internet of Things, mobile, & cloud threats.

If you want to get…

Added by Douglas Nagan on May 29, 2017 at 7:30pm — No Comments

7 Steps To Take Control Of Operational Risk

A lesson many businesses learn the hard way is that in today's ever-changing and complex regulatory and political environment, operational risks appear to be increasing exponentially. In order to take control of Operational Risk, leaders of the company and risk managers need to have the answers to many questions. Can I profitably grow my…

Added by Boris Agranovich on May 27, 2017 at 10:00am — 2 Comments

Reactive vs. Proactive Compliance

Whether we are talking about broader HSSE or more narrowly focused CIP, NERC, ISO, Dodd-Frank, etc. compliance, there are two general approaches to implementing a compliance plan within an organization: proactive and reactive.

Reactive – Many companies have used a reactive compliance process for many years. I hesitate to call a reactive approach a plan because it really isn’t a plan beyond the mechanics of…

Added by fahad_factors on May 24, 2017 at 10:54pm — No Comments

8 Ways to Protect Against Ransomware Attacks

Last week, news broke of a global ransomware attack that has struck individuals and companies around the world. In the wake of the attack, which has affected computers in 150 countries, many companies…

Added by Steven Minsky on May 24, 2017 at 4:30pm — No Comments

The Best Gmail Phishing Scam Ever!

If you use Gmail, pay attention! Security experts have announced that there is a very effective phishing scam out there, and you are a target. This scam, which has only been growing over the past couple of months, is also hitting other email providers, too. However, it’s quite difficult to detect.

According to researchers at WordFence, who make a security tool for WordPress, this is a pretty serious…

Added by Robert Siciliano on May 24, 2017 at 2:19pm — No Comments

Invite a chicken to lunch

I have always been fascinated by the old question, “Which came first, the chicken or the egg?” According to one article I read prior to…

Added by Bryan Whitefield on May 24, 2017 at 2:57am — No Comments

Top 12 Tips to Destroy Your Sensitive Data

Believe it or not, you just can’t shred too much. If you aren’t destroying your sensitive data, my best advice is for you to start now. There are people out there who make a living diving into dumpsters in search of credit card info, bank account numbers, mortgage statements, and medical bills; all things they can use to steal your identity.

Here are 12 tips that you can use to help you destroy your sensitive data:

  1. Buy a shredder. That said, I don’t own a…

Added by Robert Siciliano on May 18, 2017 at 2:11pm — No Comments

Malware Hack Attacking the Grid…BIGLY

For more than four years, malware has been posing as legitimate software and infecting industrial equipment across the globe.

The malware, which looks just like the Siemens control gear software, has affected at least seven plants in the US. According to security experts, the malware was specifically designed to attack this industrial equipment, but what it does is not totally known. It is only described as a type of “crimeware.”

The malware was first hinted…

Added by Robert Siciliano on May 16, 2017 at 2:16pm — No Comments

Massive Global Cyber Attack

On Friday, as most of you know, there was a massive global cyber attack that took the form of ransomware. The cost of which is still being calculated.

When you read the articles and analysis, several things stand out, which I have been advising you about for some time. The attacks exploited non-technical issues. Specifically, the all-too-human behavior that clicks on emails or links that are not secure and not doing updates to key software in a timely manner. All the security technology is…

Added by Douglas Nagan on May 13, 2017 at 3:00pm — No Comments

Second Hand and Discarded Devices Lead to Identity Theft

A new study was just released by the National Association for Information Destruction. What did it find? Astonishingly, about 40% of all digital devices that are found on the second-hand market had personal information left on them. These include tablets, mobile phones, and hard drives.

The market for second hand items is large, and it’s a good way to find a decent mobile device or computer for a good price. However, many times, people don’t take the time to make…

Added by Robert Siciliano on May 10, 2017 at 2:20pm — No Comments

How to Ensure Regulatory Compliance and Effective Safety Management for Oil and Gas Companies?

The Oil and Gas industry is growing but at the same time increases in Oil and Gas activity correlate with an increase in the rate of fatal occupational injuries, particularly when inexperienced workers are not sufficiently trained in safety and precautionary measures.

In addition, Oil and Gas companies also face unprecedented regulatory pressures – organizations are faced with the challenge of effectively managing their OSHA, BSEE, USCG, DOT, EPA,…

Added by fahad_factors on May 10, 2017 at 2:00pm — No Comments

Support functions and insurance companies: A lot in common?

Last blog I said it was good to be common and pointed you to my latest paper on building tribes with a common purpose. This blog I’m not so sure you…

Added by Bryan Whitefield on May 10, 2017 at 1:16am — No Comments

Weather the Storm of Policy and Procedure Management

Storm of Content

The Affordable Care Act. HIPAA. OSHA. If there is one thing hospitals aren’t short of these days, it’s new rules and regulations. And for every fresh law or regulation that gets passed, new or updated policies follow. Add in new technology adoption by way of Electronic Health Records (EHRs) or mobile health and you’ve got a storm of seemingly countless—and constantly changing—policies and procedures that overworked…

Added by fahad_factors on May 8, 2017 at 6:00pm — No Comments

Online Penetration Testing and Ethical Hacking - FREE Video Training Course

If the idea of hacking as a career excites you, you’ll benefit greatly from completing this training. You’ll learn how to exploit networks in the manner of an attacker, in order to find out how to protect the system from them.

“The control of information is something the elite always does … Information, knowledge, is power.”

– Tom Clancy

No longer will money have dominion over our ability to learn. Penetration testing and ethical…

Added by Boris Agranovich on May 6, 2017 at 2:30pm — No Comments

Getting Rid of an Electronic Device? Do This First…

A shocking study by the National Association for Information Destruction has revealed some terrifying information: 40% of electronic devices found on the second-hand market contain personal information. This information includes usernames and passwords, personal information, credit card numbers, and even tax information. Tablets were the most affected, with 50% of them containing this sensitive information, while 44% of hard drives contained the info.

What does this…

Added by Robert Siciliano on May 3, 2017 at 2:00pm — No Comments

Phishing is Getting Fishier

If you are like most of us, you have undoubtedly received an email that has asked you to click on a link. Did you click it? If you did, you are like 99% of internet users because clicking links is normal. But in some situations you may have found that the link took you to a new or maybe spoofed website where you might be asked to log in. If you ever did this, you may have been the victim of a likely phishing attack, and these attacks are getting fishier all of the time.…

Added by Robert Siciliano on May 2, 2017 at 2:18pm — No Comments

© 2020   Created by Boris Agranovich.   Powered by