Blog

I have facilitated countless workshops for executive teams. Sometimes we kick goals because the exec team have done their homework and really know their business and the challenges they face. They have done enough of the hard-smart work to know what they need to tackle and now they are working through the options and determining the best path forward.

Then there are the ones that have not done their homework. The formation of strategy appears based on hope or even wish rather than facts and consi

You might think it’s crazy to actually hire a hacker, but if you don’t have an ethical hacker on your security team, you could be playing a dangerous game.

Ethical hackers are called “white hat hackers” and are legal hackers, that help businesses find security problems in their networks. Developer and security teams, who build out codes, should have a white hat hacker on their side. This way, they will know from the start if the code is vulnerable. This is also known as “application security”.

How

Symantec recently released its latest Internet Security Threat Report (ISTR). If you are not familiar with this report it provides a global snapshot of the state of internet threats. It examines Targeted Attacks; Email: Malware, spam & phishing; Web attacks, toolkits, & exploiting vulnerabilities online; Cyber Crime and the underground economy; Ransomware: extorting businesses & consumers; New frontiers: Internet of Things, mobile, & cloud threats.

If you want to get an understanding of the threa

A lesson many businesses learn the hard way is that in today's ever-changing and complex regulatory and political environment operational risks appear to be increasingly exponentially. In order to take control of Operational Risk leaders of the company and risk managers need to have the answers to many questions. Can I profitably grow my business? How do I effectively monitor my outsourced activities? Am I paying enough attention to the risk I am taking on?

With every business having its own ri

Last week, news broke of a global ransomware attack that has struck individuals and companies around the world. In the wake of the attack, which has affected computers in 150 countries, many companies are wondering 1) if they’re going to be hit and 2) what they can do to protect themselves.

The WannaCry ransomware attack still isn’t over, and we’ll see over the coming weeks what the final numbers are. It’s not too late to improve preventative measures for the next wave, which will likely be smart

If you use Gmail, pay attention! Security experts have announced that there is a very effective phishing scam out there, and you are a target. This scam, which has only been growing over the past couple of months, is also hitting other email providers, too. However, it’s quite difficult to detect.

According to researchers at WordFence, who make a security tool for WordPress, this is a pretty serious attack and can have quite an impact, even for those who are up on security.

Here’s how it works:

You

I have always been fascinated by the old question, “Which came first, the chicken or the egg?” According to one article I read prior to writing this blog, the chicken came first because the formation of eggs is only possible due to proteins found in a chicken’s ovaries. Because that was the answer I wanted to hear, that is as far as my research went. Now to my point.

Communicating the benefits of an intangible benefit is incredibly difficult. Take communicating the benefits of a program that help

Believe it or not, you just can’t shred too much. If you aren’t destroying your sensitive data, my best advice is for you to start now. There are people out there who make a living diving into dumpsters in search of credit card info, bank account number, mortgage statements, and medical bills; all things they can use to steal your identity.

Here are 12 tips that you can use to help you destroy your sensitive data:

1. Buy a shredder. That said, I don’t own a shredder. I’ll explain shortly. There are a

For more than four years, malware has been posing as legitimate software and infecting industrial equipment across the globe.

The malware, which looks just like the Siemens control gear software, has affected at least seven plants in the US. According to security experts, the malware was specifically designed to attack this industrial equipment, but what it does is not totally known. It is only described as a type of “crimeware.”

The malware was first hinted at in 2013, but at that time, it was no

On Friday, as most of you know, there was a massive global cyber attack that took the form of ransomware. The cost of which is still be calculated.

When you read the articles and analysis several things stand out, which I have been advising you about for some time. The attacks exploited non technical issues. Specifically the all too human behavior that clicks on emails or links that are not secure and not doing updates to key software in a timely manner. All the security technology is helpless if

A new study was just released by the National Association for Information Destruction. What did it find? Astonishingly, about 40% of all digital devices that are found on the second-hand market had personal information left on them. These include tablets, mobile phones, and hard drives.

The market for second hand items is large, and it’s a good way to find a decent mobile device or computer for a good price. However, many times, people don’t take the time to make sure all their personal informati

The Oil and Gas industry is growing but at the same time increases in Oil and Gas activity correlate with an increase in the rate of fatal occupational injuries, particularly when inexperienced workers are not sufficiently trained in safety and precautionary measures.

In addition, Oil and Gas companies also face unprecedented regulatory pressures –organizations are faced with the challenge of effectively managing their OSHA, BSEE, USCG, DOT, EPA, Conflict Minerals, NI-52109, COBIT, ISO and compli

Last blog I said it was good to be common and pointed you to my latest paper on building tribes with a common purpose. This blog I’m not so sure you will be happy to have something in common with insurance companies.

I used to work in the insurance industry. I was there at the Ides of March 2001 when HIH went into liquidation. The insurance industry was and remains a tough industry and has a lot more in common with support functions than you may realise.

The top five things corporate support funct

Storm of Content

The Affordable Care Act. HIPAA. OSHA. If there is one thing hospitals aren’t short of these days, it’s new rules and regulations. And for every fresh law or regulation that gets passed, new or updated policies follow. Add in new technology adoption by the way of Electronic Health Records (EHRs) or mobile health and you’ve got a storm of seemingly countless—and constantly changing—policies and procedures that overworked employees must navigate daily.

The number, type, and complex

If the idea of hacking as a career excites you, you’ll benefit greatly from completing this training. You’ll learn how to exploit networks in the manner of an attacker, in order to find out how protect the system from them.

"The control of information is something the elite always does … Information, knowledge, is power.”
– Tom Clancy

No longer will money have dominion over our ability to learn. Penetration testing and ethical hacking are skill sets as in-demand as anything else in the Cyber Se

A shocking study by the National Associated for Information Destruction has revealed some terrifying information: 40% of electronic devices found on the second-hand market contains personal information. This information includes usernames and passwords, personal information, credit card numbers, and even tax information. Tablets were the most affected, with 50% of them containing this sensitive information, while 44% of hard drives contained the info.

What does this mean for you? It means that al

If you are like most of us, you have undoubtedly received an email that has asked you to click on a link. Did you click it? If you did, you are like 99% of internet users because clicking links in normal. But in some situations you may have found that the link took you to a new or maybe spoofed website where you might be asked to log in. If you ever did this, you may have been the victim of a likely phishing attack, and these attacks are getting fishier all of the time.

A What? Phish? Fish?

It’s c

Governance is defined by the organizational processes used to make and implement decisions. Good governance is not necessarily making only the “correct” decisions. It’s using the best possible risk management process to inform decision-making, which has the potential to impact employees, customers, other stakeholders, and the community at large.

Optimizing organizational governance is not just recommended, it’s a moral and legal obligation. Every company, no matter its industry, product, or servi

You have surely heard of Instagram, the photo sharing social network, but what about “Finstagram?” If you are like most parents, you have rules about the social media practices of your kids. However, once you learn about Finstagram, those might all go out the window.

When you combine the words “fake” and “Instagram,” you get Finstagram. Essentially, these are fake, or alternative, Instagram accounts that are created by teens, for the most part. These accounts can be used for harmless laughs, such