“We don’t know what we don’t know,” said our client, somewhat embarrassed. They had spent a lot of money on cybersecurity tools, staff,...
Is Your Organization Cyber Compliant? Are You Sure?
As the “arms race” between hackers and security experts intensifies, cyber compliance standards have become increasingly complex. The...
Why You Need to Implement a GRC Framework Yesterday (If Not Sooner)
Whether your organization consists of thousands of employees or just you and your dog, you still have to operate within a larger social...
Fighting Ransomware in Dallas and Beyond
On Wednesday, May 3, reports emerged that the Dallas Police Department had been hit with a ransomware attack. As the day wore on, it...
Top Ten FREE Cybersecurity Resources
If you’re reading this article, you’re well along on your journey to understanding cybersecurity and privacy programs. Still, it’s a...
The Four Pillars of Cybersecurity
Before you begin developing (or fixing!) your cybersecurity program, make sure you know the fundamentals. This material, adapted from my...
Identifying, Containing, and Responding to Incidents
ALERT! ALERT! This is not a drill! You have an alert that was identified as legit, was pressure-tested, checked, and escalated to...
Preparing your Incident Response Plan
No two incident response plans are alike. What your plan looks like will depend on many variables, from the size of the company, the scope...
Incident Response 101
You already know you need an incident-response plan. But what should it look like? What’s involved in creating such a plan? I’ll help you...