Your request has been received.

Foresite Blog

Is Your School District Prepared to Protect Student Data?

Posted on December 11, 2017

Cyber incidents are occurring in K-12 schools at an alarming rate with over 200 reported incidents since January 2016, and many schools have been hit multiple times within the past year. A few examples on the “hit list” include public Schools in Arlington, VA who had staff social security numbers exposed in a data breach, followed by a vendor’s unauthorized access of student files. In Texas, a hacker was able to use unsecured remote access to a desktop and gain control of a shared files for 1,300 staff and students, while two districts had names and social security numbers of…

Read More

Few Corporate Attorneys are Prepared for a Data Breach – 3 Steps to Prep

Posted on December 5, 2017

With a new major data breach being reported about once a week, and countless others happening that don’t make the airwaves, it’s no wonder that cyber security is a major concern for corporations and their legal teams.  Yet a recent Grant Thornton survey found that only 35% feel their organizations are prepared for a breach. If your organization is part of the 65% who don’t feel prepared, and whether you have a corporate legal team or not, what can you do before being breached to minimize the impact to your business? Here are 3 steps to prep: Assess your risk. …

Read More

Foresite and ConnectWise Partner to Bring World Class Managed Security and Compliance Services to MSPs

Posted on December 4, 2017

Distribution agreement enables users access to quality Security Operations Center (SOC) solutions as market demand soars Overland Park, KS –December 01, 2017 – Foresite, a managed security and cyber-consulting services provider, today announced a distribution agreement with ConnectWise, a company that transforms how technology solution providers build, manage, and grow their businesses. “Our companies’ combined offerings provide a lot of synergy to MSPs delivering IT solutions,” said Marc Brungardt, President at Foresite.  “As demand for cyber-security solutions soars, we recognize a very complementary opportunity to enable our SOC services in the ConnectWise framework.  Through advanced cyber security and compliance solutions,…

Read More

Does paying the ransom mean you don’t have to report a cyber incident?

Posted on November 28, 2017

This question came to the forefront last week when it was discovered that Uber had paid hackers $100,000 in October in order to keep from reporting a breach of their customers and drivers account data.  Their Chief Security Officer and one of his team members were fired this week as part of the fallout from this decision.  Here are some of the reasons why: It’s the law. State law often mandates a specific timeframe in which affected parties must be notified if their data has been exposed/accessed by an unauthorized party.  Despite Uber’s argument that the data was restored to…

Read More

How secure is your password, and does it really matter?

Posted on November 21, 2017

There are three questions to consider for password security: 1) Are you using the same password for everything? 2) How easy is it for a computer to guess it? 3) How easy is it for a human to guess it? To begin with, using the same password for everything, is the equivalent of using the same key to lock both the front door to your house and also your car! As soon as someone has access to this key, they have access to both! Now, upset by this news, you find yourself questioning how many times you have used the…

Read More

So many logs, so little time. Where do you focus?

Posted on November 14, 2017

Under any framework, cybersecurity regulation, or security program an organization adheres to, there will be requirement for  logging, alerting and/or monitoring. This is to be expected as the third logical link in the security cycle is detection, and how do we detect? For the most part, we detect using logs. (There are other methods, but in today’s world primarily we are using logs to detect as other methods are maturing). This leads to important questions given the many log files your devices will produce, and the fact that you only have so many hours in a day. Which logs are…

Read More

Expertise isn’t free, but not having it can really cost you….a true story

Posted on November 7, 2017

Normally when we discuss a recent project, we review the client’s challenges and objectives and how we helped meet them.  This case was a bit different. We were contacted by one of our Resellers who had a former client who had sold his company at the beginning of 2017.  The business was an online retailer, and had been sold to the new owners as PCI compliant.  The new owners had a PCI audit performed, were told they were far from compliant, and were suing the former owner for damages in excess of $700,000. Foresite agreed to take a call with…

Read More

The value of comprehensive endpoint security

Posted on October 31, 2017

Cyber security companies are all announcing their latest and greatest endpoint solutions, and clients are asking about the value of moving from traditional antivirus (AV) to these endpoint suites.  There are a number of things to consider to make sure you get the value from an endpoint investment:  Is your organization subject to compliance requirements?  If so, you want to confirm that any solution you consider meets the compliance requirements that apply to you.  Compliance requirements often lag behind the latest solutions, and you may technically need to have antivirus to “check the box” even if an endpoint solution provides…

Read More

Banks With Bad Cybersecurity Could Face SWIFT Justice

Posted on October 24, 2017

Is SWIFT now playing good cop/bad cop? SWIFT – formally known as the Society for Worldwide Interbank Financial Telecommunication – is a nonprofit cooperative owned by 3,000 banks that bills itself as “the world’s leading provider of secure financial messaging services.” Its network and software daily processes 25 million communications that collectively account for billions of dollars’ worth of transfers. SWIFT CEO Gottfried Leibbrandt initially said that his organization wouldn’t impose data security standards on any of its 11,000 members. “The system is only as secure as the weakest link.” “SWIFT is not all-powerful, we are not a regulator, and…

Read More

GDPR – Frequently Asked Questions

Posted on October 17, 2017

The General Data Protection Regulation has many organizations concerned, and with good reason.  Although the requirements don’t take effect until May 2018, they may be challenging to address.  The first step is to gain a better understanding of them through our frequently asked questions. Where do we start to prepare for an audit?  The first step is to determine what data you hold. Think about your HR files, client database(s), vendor records, etc.  If you maintain any records that include information on citizens protected under GDPR, you need to document not only which systems, but also the data flow. Isn’t…

Read More

Interested in what Foresite can do for you?

At Foresite, we like to consider each client’s needs individually, in order to determine the best approach to your unique requirements. So let’s talk! Contact Foresite to request a scoping call today.

Contact Foresite