9 U.S. States Pass New or Expanded Data Breach Laws

9 U.S. States Pass New or Expanded Data Breach Laws

In the absence of federal action, states have been actively passing new and expanded requirements for privacy and cybersecurity. While laws like the California Consumer Privacy Act (CCPA) are getting all the attention, many states are actively amending their breach...
New NIST Requirements Increase Cyber Security Controls

New NIST Requirements Increase Cyber Security Controls

A new supplement to the National Institute of Standards and Technology (NIST) 800-171 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” is on the way.  The proposed supplement 800-171B adds 35 new requirements that go alongside...
What is Credential Stuffing?

What is Credential Stuffing?

Credential stuffing has been in the news because it is a method of attempting to take over accounts of a company by using the databases of known breaches to ‘stuff’ thousands or millions of known credentials into an automated bot and attempting to see if they can get...
NIST CSF – Part 3 – Detect

NIST CSF – Part 3 – Detect

The NIST Cyber Security Framework (NIST CSF) is the result of a February 2013 Executive Order titled “Improving Critical Infrastructure Cybersecurity” and 10 months of collaborative discussions with more than 3,000 security professionals. It comprises a risk-based...
What is proactive incident response?

What is proactive incident response?

Incident response as a term is reactive, so it’s no wonder that a proactive approach to incident response is a foreign concept to many clients and resellers that we work with.  Let’s look at a few common scenarios to understand why proactive incident...