I have written before about a security compliance tool we have been using, ComplyUp. (You can read about it here and...
Cyber Security
CGNET and ActZero
Ricardo (our CTO) and I met with ActZero (in real life!) today to further develop our partnership. I have written...
Phishing in Your Own Pond: The Importance of Simulated Phish Tests
Phishing simulations are a key part of any comprehensive security awareness training program. By sending out fake...
Here are Some Cybersecurity Awareness Month Resources for You
Yes, Virginia, it is October and that means it is--wait for it--National Cybersecurity Awareness Month! Not just a...
We Are Here for You with Zero Trust Resources
Zero ____. It is one of this week’s New York Times crossword clues. (Don’t tell me the answer. I have not solved the...
Four Factors for Effective Security Awareness Training
Social engineering remains the top way criminals infiltrate an organization’s data, and the problem gets worse every...
Yes, MFA Can Be Hacked. Now What?
I read a blog post today from our friends and partners at cybersecurity firm KnowBe4 that was a bit unnerving. While...
ComplyUp and NIST 800-171 are Ruining My Life
Yes, I am exaggerating. Call it artistic license. But ComplyUp and NIST 800-171 are beginning to rewire my brain. This...
The Human Firewall: The MOST Important Part of Cybersecurity
Your organization may be guilty of a common misconception, that cybersecurity and risk management are the sole purview...
There’s Something About INKY
I wrote last week about our adoption of INKY and teased about the INKY logo. To spare you the searching, I have...
We Are Stepping Up Our Phish Protection Game
We have been evaluating a service called INKY, to step up our phish protection for customers. Wait. Phish protection....
Cisco Just Got Phished: Don’t Be Next!
Just this past week, according to an article at Forbes.com, Cisco was hacked by a ransomware group who claims to now...
Do Your Security Actions Make Sense?
Do your cybersecurity actions make sense? Wait, what? Sometimes we cybersecurity folks can get carried away. More...
Remember to Include IoT Devices in Your Cybersecurity Program
Today I bring you a cautionary tale, courtesy of a customer. The moral of the story is this. Remember to include IoT...
Is This a Magnetometer Moment for Grantee Security?
OK, I admit it. I was watching the US House of Representatives January 6th Committee and geeked out over the word...
Passwordless Future Almost Here: Major Milestone Announced
Last month, Microsoft, Google and Apple all announced that they will expand their support for the passwordless...
Let ComplyUp Take Care of Your Security Compliance Planning
I have written in the past about using a tool to assess your organization’s compliance against a security standard....
How Secure are Password Managers?
We’ve recommended using password managers many times in past posts. (See here and here). But the usual worry still...