Are You and Your Data Ready for NYCRR 500 Regulations

On March 1st, 2017, the New York State Department of Financial Services put into effect new cyber security requirements of its ‘covered entities’. Those entities include banks, trusts, budget planners, check cashers, credit unions, money transmitters, licensed lenders, mortgage brokers or bankers, and insurance companies that do business in New York. Here is a quick

Blackmail, Extortion, Ransom and You

I recently read about a Ransomware attacker who’s offering to unlock infected computers if the victim assists in infecting other people they know. Wow, how insidious is that? Think about this in a corporate setting. Do you think any of your colleagues would hang you, or the company, out to dry to save their wedding

Triangulating and closing security compromises

But the CEO told me to wire $60K to the Caymans! We’ve seen a recent rash of e-mail exploits that blend “social engineering” with e-mail technology. These exploits use e-mail to impersonate respected leaders and authorities of an enterprise giving direction to subordinates or delivering malware payloads and links in what looks like a trusted

How to Value the Cost of a Data Breach

As the Founder and CEO of a technology consulting firm, there are many proprietary data concerns that we must consider and protect, not the least of which is our client information. While our firm, Corporate Technologies, Inc (CTI). may not be directly subject to data security regulations, providing services to many of our clients obligates

Is your manual Incident Response up to snuff?

Do you believe what the security experts say? That bad actors will penetrate your network, so it’s not a question of “if” but “when”? Believe it or not, it’s true. The evidence is clear that even well-funded security teams can’t keep hackers out.  The paradigm has shifted and the new focus needs to include how

There is no immunity from cyber attacks, so be prepared

Threat Assessment

Devastating cases of cyber-attack scenarios continue to mount. Unfortunately,  the most recent high-profile example is a harbinger of things to come.  By now, everyone is at least peripherally aware of the WannaCry ransomware attack that occurred just a few weeks ago.  If you somehow missed it, the WannaCry ransomware attack was a worldwide exploit by