Do Your Employees Stand Up to Security Testing?
Anne Bisagno—Monday, April 24, 2017
Training your employees to recognize security risks works — especially when they're learning how to spot phishing attempts.
The Ponemon Institute estimates anti-phishing training delivers an astonishing 50x return on investment. But how can you be sure you're getting
that ROI? Simple: put your training to the test.
You Can Handle the Truth (About Security Vulnerabilities)
Anne Bisagno—Monday, April 10, 2017
Many people are under the impression that telling a vendor about a cyber security flaw in software or a device is at best pointless and at worst a reckless
invitation for hackers to exploit it. That's why we at Xantrion were so interested in this cyber security pro's story about spotting and reporting a security problem in an IoT device — a wireless webcam that the researcher discovered he could theoretically take over and use to get live access to other webcam
owners' cameras. The vendor responded to his report in just four days and had a patch and customer alert ready to go in a month.
New York State Beefs Up Cyber Security Regulations
Anne Bisagno—Monday, April 03, 2017
As the center of the US financial industry, New York State has plenty of reasons to want to protect financial institutions and their customers against
the constant threat of cyber attacks. Six months ago, it released the country's first state-mandated cyber security regulations. This month, it followed
up with a series of regulations for banks, hedge funds, insurers, and financial institutions that significantly expands the type and amount of data
they need to protect, and what they must do to ensure that protection. In particular, the regulations require financial services firms to:
Five Tips for Using Customer Data Responsibly
Anne Bisagno—Monday, March 27, 2017
The seemingly unending stream of reports about data breaches has customers more worried than ever about how online companies are using their personal
data and whether it's properly protected. The European Commission is responding by tightening consumer privacy regulations. If you have customers in
the EU, you'll need to comply regardless of where your company is based, but even if these new regulations don't affect you, it's a good idea to follow
these five practices to keep your customers' trust (and their business):
The 3 Cs of Cybersecurity
Anne Bisagno—Monday, March 20, 2017
If you hope to get your non-technical employees actively engaged in helping the company fend off cyber threats, you can't talk to them in technical terms.
Lance Spitzner, a board member of the National Cyber Security Alliance, suggests framing the issue with these three Cs:
Cloud Security is Business-Ready. Are You?
Anne Bisagno—Monday, March 13, 2017
If you've been avoiding moving critical applications and data to the cloud out of concerns about security, it's time to reconsider. The question isn't
whether leading cloud providers' resources are secure. They are. They've invested heavily to make sure of it, and they've built an ecosystem of tech
partners with solutions that are equally secure. The real question is whether your company knows how to prepare to implement cloud services and ensure they work properly and securely.
Three Ways to Prepare for a Data Breach
Anne Bisagno—Monday, March 06, 2017
The better your response to a cyber attack, the more limited its impact. In fact, the Ponemon Institute says strong incident response (IR) saves an average
of $400,000 in damages per data breach. But how do you ensure your IR is strong? By taking these three proactive steps before a breach happens:
Skills Gap = Security Gap
Anne Bisagno—Monday, February 27, 2017
Roughly 1 million cybersecurity jobs worldwide are unfilled. The people already in the field are scrambling to keep up with the constantly changing tools
and know-how they need to fend off attackers. No wonder 70% of organizations surveyed by the Information Systems Security Association (ISSA) and analyst
firm Enterprise Strategy Group (ESG) say the cybersecurity skills gap is causing them problems, and 54% say they've experienced at least one breach in the last year.
Training your Employees to Recognize Phishing Emails Works
Anne Bisagno—Tuesday, February 21, 2017
When anti-phishing security company PhishMe tested about 1,000 of its customers worldwide by sending them more than 40 million simulated phishing emails
over the course of 18 months, it concluded that phishing causes the vast majority of cyberattacks —
an estimated 91% of them. It also found the most effective phishing emails come from Locky ransomware, most likely because they look like personalized
invoices and lack the grammar and spelling mistakes common among other malware.
What’s the Best Way to Fend off Ransomware Attacks?
Anne Bisagno—Friday, February 17, 2017
Since ransomware attacks are more prevalent than ever according to a recent Forbes article, we’ve put together some best practices that will help you fight back. Hopefully our articles will reassure you that the fight isn’t a losing battle.