To guard effectively against an enemy of any kind, it’s important to know your enemy. This strategy is just as effective when fighting an online battle to protect your company’s data.

Before you can effectively defend against cyberattacks, it is important to educate yourself on potential threats and how to handle them. We invite you to join us on September 7 for part two of the Columbus Cybersecurity Series, in which FBI agent David Fine returns. During this portion of the

The new DoD cybersecurity regulations require contractors to implement the security requirements specified by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations,” not later than Dec. 31, 2017. DFARS 252.204-7008(c)(1).

However, a contractor may propose to vary from the NIST SP 800-171 requirements under two circumstances. Under DFARS 252.204-7008(c)(2), a contractor may propose to vary from the security requirements specified by NIST SP 800-171 through a

The Federal Financial Institutions Examination Council (FFIEC) warned financial institutions of the increasing frequency and severity of cyber attacks involving extortion resulting from ransomware, denial of service attacks, and theft of sensitive business and customer information to extort payment and other concessions from victims.

The FFIEC recommends that financial institutions develop and implement programs to ensure that the institutions are able to identify, protect, detect, respond to, and recover from these types of attacks, including:

  • Conducting ongoing information security risk



Demand for cloud computing is mounting swiftly, with double-digit annual growth rates expected through 2018.

Use of a remote, shared computer network to store, manage and process data can save time and money by eliminating the need for a local data center and an IT team to run it. Whether on a smart phone, a laptop or a desktop computer, cloud computing gives users immediate access to data anywhere there is an Internet connection.

Gartner, one of the world’s foremost

The Web hosts a vast array of applications, many of them critical for business operations, from office suites such as Google Docs to email, calculators, spreadsheets and data storage.

Nearly all mobile applications connect to the cloud, storing private business information, user names, passwords and other sensitive content. Employees tie into the Web with mobile device apps such as Google Maps, LinkedIn and Wink, which allows users to see from afar who is ringing the home doorbell or lets

Preparing for a breach can greatly reduce the cost of a breach, according to the Ponemon Institute. Thus, insurers reward those organizations that have taken preparatory steps and implemented defensive measures, such as adopting an incident response plan and designating a team to execute that plan. An incident response plan will identify the actions that should be taken when a data incident occurs. Having an incident response plan can result in lower premiums.

Since securing cyber liability insurance is now a

An incident response plan can lead to a better roadmap for securing cost-effective cyber liability insurance and, consequently, lower costs associated with a data breach.

The adoption of an incident response plan is a major indicator to underwriters that an organization is sophisticated and understands that incidents do occur regularly within firewall perimeters and that the organization has an early detection, containment and eradication plan in place to manage incidents, thus protecting data more effectively.

Early detection minimizes the time

Fire prevention elements played a large role in the planning of Philadelphia; streets were wider than average, and brick and stone were common building elements. Despite these preventive measures and the efforts of firefighters, fires did still occur. Benjamin Franklin began to study this situation and stated, “About this time I wrote a paper…on the different accidents and carelessness by which houses were set on fire, with cautions against them, and means proposed of avoiding them.” In 1736 Franklin and

Two recent cases and NetDiligence’s 2015 Cyber Claims Study suggest that every organization that collects personally identifiable information from consumers should consider buying cyber insurance.

Consumer businesses, non-profits, and government-run utilities often collect consumer personally identifiable information, such as full names, dates of birth, social security numbers, account user names and passwords, etc., in the course of their operations. Many states regulate how such personally identifiable information can be collected, recorded, stored, used, and disposed of. If your organization does business

Law firms are increasingly becoming the target of cyber attacks. Below is a phishing attack email example. (You can read Diane Reynolds’ blog post on phishing attacks here.) Basically, bad guys want you to open an email and click on a link that provides them access to your computer and our network. There are some simple ways to spot a phishing email.

First, ask yourself: why would UPS send you an email to complete a shipment? Never happens.

Second, why