Blog

Privacy Shield is Dead, Long Live Privacy Shield!

10th June 2021

The European Court of Justice struck down Privacy Shield last July, but the much-maligned privacy program shambles onward like a regulatory zombie. Except this zombie wants to eat time and paperwork instead of brains. Let me explain. First, some Privacy Shield context. A quick recap on Privacy Shield, and why it matters. Privacy Shield is/was…

-- READ MORE

Browser Extension Security – What browser does it best?

3rd June 2021

For all of Google’s efforts to improve user security, it’s leaving thousands upon thousands of potential vulnerabilities and some actual malware active on its platform in the Chrome Web Store. How? Browser extensions. Browser extension security is generally nightmarish. Browser extensions can improve the functionality of any browser, but also pose a big risk. They…

-- READ MORE

A 3-Point Ransomware Defense Strategy for Small to Midsize Businesses

27th May 2021

Oops, all your organization’s data is encrypted! Could you manage to make a multi-million dollar ransom payment to restore operations? Probably not if you’re a small or midsize business – a small business ransomware attack can be the end of the line. It’s better to have a ransomware defense plan to avoid the situation altogether….

-- READ MORE

Incident Response: Putting the Puzzle Pieces Together

20th May 2021

A good incident response plan, like a Rubik’s cube pro, doesn’t follow a recipe – it’s flexible, working for whatever scenario it’s in.

-- READ MORE

SOC 2 Type 1 vs Type 2: Get a Type 2!

12th May 2021

Trying to pick between SOC 2 Type 1 vs Type 2? Our answer is simple, get the Type 2! Here’s why it’s the much better choice…

-- READ MORE

SOC 2 vs ISO 27001

5th May 2021

SOC 2 and ISO 27001 take two different approaches to the same problem. Both will have you improving your security program, but in different ways. It’s important to understand the differences between the two, even if your ultimate decision might be the result of something else altogether.

-- READ MORE

Prevent Email Spoofing with EmailSpoofTest

29th April 2021

Your email provider runs the equivalent of a border checkpoint. It must do this to filter the real emails from the malicious ones. Every person (message) that wants to enter the country (server) must have its documentation in order. One of the best ways through for a malicious actor? Spoofed documentation (email spoofing). Email spoofing…

-- READ MORE

SOC 2 Trust Services Criteria: An Easy Guide

22nd April 2021

The five SOC 2 Trust Services Criteria are different areas of focus for a your SOC 2 audit. This easy guide will help you choose them.

-- READ MORE

Is Your Cyber Insurance Broken?

15th April 2021

Is your cyber insurance terrible? Probably. The companies that offer this coverage lack consistent standards and exclusions are rampant.

-- READ MORE

Can you teach employees how to phish to help them avoid phishing?

8th April 2021

There’s a famous saying “give a man a phish, and he’ll be able to recognize one phishing email. Teach a man to phish, and he’ll be able to avoid phishing emails for the rest of his life.” Or something like that.

-- READ MORE

1 2 3 … 11 Next »