
Risk Management

Posted on June 12, 2018 in ISO 27001, Risk Management, vCISO

Considering that cyberattacks occur every day and cost the global economy a staggering $350 billion+ worldwide*, you would think strategizing to avoid such assaults would be a top priority of all businesses. Incredibly, it is not.

Posted on May 23, 2018 in ISO 27001, Market Research, Risk Management

The world of cybersecurity has undergone some fundamental shifts in the past few years that have left the vast majority of companies unprepared for today’s threats. The proliferation of malware, for example, has dramatically reduced the intrinsic value of traditional security solutions, such as firewalls, IDS/IPS, and anti-virus software. These solutions that used to…

Posted on May 16, 2018 in ISO 27001, Market Research, Risk Management

Modern information security breaches follow a very specific pattern, and most organizations are simply not designed to stop these attacks or, unfortunately, even to detect them until months and sometimes years later. In short, hackers today use malware rather than direct attacks to compromise organizations like Equifax, Uber, Anthem, Target, Home Depot, JP…

Posted on May 9, 2018 in ISO 27001, Market Research, Risk Management

A huge industrial fire breaks out at a warehouse in the lower east side of the city. Black smoke billows high into the air which can be seen for miles around as people evacuate to safety. Part of the building collapses and screams can be heard from inside. Several fire trucks are there. The truck…

Posted on May 2, 2018 in ISO 27001, Market Research, Risk Management

The state of information security for companies in the U.S. is scary. 2014 was a record-setting year in terms of data breaches, with a staggering 783 breaches reported. That means on average more than 2 breaches were reported every day in 2014. The percentage by industry sector remained about the same as previous years…

Posted on April 25, 2018 in ISO 27001, Risk Management

The term “Go Big or Go Home” was first used by an exhaust system manufacturer in the ‘90s named Porker Pipes who primarily sold to Harley Davidson Motorcycles. The term has been reused, rehashed, and repurposed over and over in the subsequent 20+ years by just about everyone. However, hackers have taken this motto to…

Posted on April 18, 2018 in ISO 27001, Risk Management

Many federal contractors are realizing that they don’t have much time to enhance their systems if they want to maintain their contracts with the federal government. There are now “Basic Safeguarding” requirements in place with only a few months left to comply. These rules apply to contractors who work with the U.S. Department of Defense…

Posted on March 23, 2018 in ISO 27001, Market Research, Risk Management

As the threat of a potentially devastating data breach continues to proliferate, and with the deadline of GDPR enforcement looming, companies are focusing more intently on how they secure their data. What should be at the heart of any serious effort is an Information Security Management System (ISMS) – a system of processes, documents, technology…

Posted on March 5, 2018 in ISO 27001, Market Research, Risk Management

An Information Security Management System (ISMS) is a system of processes, documents, technology and people that helps to manage, monitor, audit and improve your organization’s information security. It helps you manage all your security practices in one place, consistently and cost-effectively.

Posted on February 26, 2018 in ISO 27001, Market Research, Risk Management

How ISO 27001 will help your business

This post outlines the benefits of achieving certification to the international information security management standard, ISO/IEC 27001. Accredited certification to ISO 27001 demonstrates to existing and potential clients that an organization has established and implemented best-practice information security processes.