Study Finds Security Experts and Regular Users Differ in Approach

Sally Smoczynski, a contributing writer for this website, recently read a story about a Google sponsored survey report which attempted to compare and contrast responses from security experts and non-security expert Internet users regarding what they do to stay safe online. Given that you can find more online security tips in a few seconds than you could use in a lifetime, and, given that security hacks and breaches continue to be a security threat for everyone using the Internet, Smoczynski was convinced that perhaps the results of this survey would be helpful to both her clients and the … [Read more...]

Cloud Computing – {Need to Keep Up with Terminologies}

by: Ben J. Carnevale Cloud computing remains a strong topic of interest for organizations big and small. And, as with many topics and developing technologies concerned with use of the internet, risk management and cyber-security preparedness teams struggle to keep up with the terminology and risk mitigation strategies needed in order to make cloud technologies work successfully and effectively for your organization.   To help that process along, our staff has recommended adding a recent article dealing with “cloud computing terms you need to know” to your organization’s … [Read more...]

Data Breach Costs now Average $154 per Record

In a recently published benchmark research report it was found that executives in 2015 – motivated by growing concerns from ongoing data breaches and other cyber-attacks to their organizations – are now paying greater attention to the security practices of their organizations. To that point, research from that report also indicated that the average total cost of a data breach for the 350 companies participating in this research increased from $ 3.52 to $ 3.79 million US dollars (e.g. a 23% increase in total cost of data breach since 2013). The average cost paid for each lost or stolen … [Read more...]

Is Password Recycling Addressed in Your Information Security Metrics?

                              Maria Deutscher, who is a staff writer for SiliconANGLE, recently reported on the results of a new report from Netskope, Inc. reinforcing perhaps much of what our readers already know – e.g. for many - if not most enterprises - cloud security and security metrics of effectiveness and privacy in the cloud remain a “work-in-progress”. Nonetheless, one of those issues of “work-in-process” is bringing attention to the information security related risks surrounding password recycling. However with that being said, this report … [Read more...]

FTC Allowed to Proceed with Lawsuit against Hotel Group after Information Security Breaches

This website and its readers are well aware of the risk management challenges and opportunities for companies to make decisions over the growing number of information security breaches related activities. Unfortunately, many of these concerns can easily be lost over these risk mitigation topics for small business firms. Nonetheless, supply chain management dynamics can often force even small business firms to have to pay attention to recent developments in this area of information security enforcement--- and --- it is with this point in mind that our staff focused its attention on the … [Read more...]

2014 US State of Cybercrime Survey Report Now Available

Recently, a report entitled the “2014 US State of Cybercrime Survey” was released and made available to the public.  This survey was co-sponsored by PwC, CSO magazine, The CERT® Division of the Software Engineering Institute at Carnegie Mellon University, and the United States Secret Service.  Cybersecurity leaders from these organizations worked together to evaluate survey responses from more than 500 executives of US businesses, law enforcement services, and government agencies where they identified requirements for effective cyber security processes and procedures and evaluated these … [Read more...]

Cyber Intelligence Sharing Website Newly Launched

Our staff would like to bring your attention to the fact that U.S. retailers have recently joined forces and have launched a website called “Retail Cyber Intelligence Sharing Center”. In order to create a structure for this website and to better address the needs of the retail industry, the R-CISC was developed with input from more than 50 of America’s largest retailers, and in consultation with key stakeholders including federal law enforcement, government agencies and subject matter experts. For the record, the R-CISC is an independent organization, the focus of which is a Retail … [Read more...]

Information Security Scams This Christmas

With the holiday season upon us once again, our staff would like to focus some of your attention on some information security concerns regarding the likely use of digital devices as each of us try to make our Christmas buying lists and plans for upcoming holiday festivities.  Our point is that for every Santa there is a Grinch, and a cybercriminal is most likely waiting in the wings to turn all that holiday cheer into fast cash as he spreads his scams and malware. To help you stay protected as you search high and low both on and offline for the perfect presents for your loved ones, McAfee … [Read more...]

Mobile Device Threats in Corporate Environments are Real and Costly

While few risk management teams would fail to recognize the growing potential for information security threats involved in mobile devices, the fact remains that a lack of integrated mobile security is continuing to cost companies in terms of everything from lost productivity to lost data. Cyber criminals also continue to target mobile workers as easy potential access portals to a company’s backend IT infrastructure. As a result, many organizational security risk management teams can argue that their company might need to supplement its integrated mobile defense program with a coherent … [Read more...]

Free Cyber Security Awareness and Training Courses Offered by DHS/FEMA Partnership with Texas A&M University.

Just recently, our staff was made aware of a program offering free cyber security related training and awareness courses.  These courses are funded by DHS/FEMA in cooperation with the Texas A&M Engineering Extension Service (TEEX). The objective of this DHS/FEMA partnering is to ensure that cyber space is supported by secure and resilient infrastructure(s) ---delivering open communications, information and prosperity while protecting privacy and confidentiality. These courses are offered at no cost and students can earn a TEEX certification of completion and Continuing Education … [Read more...]