How Is FTC Data Security Enforcement Changing?

The U.S. Appellate Court agreed with LabMD that an order by the Federal Trade Commission (FTC) for them to “establish a comprehensive information security program” was too vague, leading to changes in the way the FTC handles penalties after conducting...
NIST CSF – Part 4 – Respond

Today we continue down the National Institute of Standards and Technology Cyber Security Framework (NIST CSF).  In our earlier blog posts, we learned how to identify our assets and then we did our best to protect them. Then since nothing is 100% secure, we detected...
The Accidental Insider Threat – A clear and present risk

Media images depict the unknown ‘hooded’ bad actor in the dark room with many computer screens, and we often forget about one of the biggest risks organizations face – the insider. The insider can be broken into two categories: 1) the accidental insider who is duped...
Do we need a new standard for network testing and security?

This question was posed by a Forbes Technology Council member who points out that with the increase in devices connected to networks, cybersecurity has become part of every C-level, staff member and third-party vendor’s role to help manage risk of data...
Cybersecurity 2019 – Detection Over Prevention

As the number of attack vectors increases, making it easier for cyber criminals to find ways around the controls, it is more important than ever to have a proactive and layered approach to cybersecurity. However, organizations of all sizes need to face an...
New NIST Requirements Increase Cyber Security Controls

A new supplement to the National Institute of Standards and Technology (NIST) 800-171 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” is on the way.  The proposed supplement 800-171B adds 35 new requirements that go alongside...