IoT cybersecurity standards
29th May 2018
Fractional CISO’s own Rob Black is featured in the current Security Ledger podcast discussing IoT cybersecurity standards. Rob discusses the state of IoT security standards, the challenges the industry faces and what is next for IoT security standards. Check out the podcast here. Coverage of the podcast and the upcoming Security of Things Forum here….
Do I need a CISO? A guide for NY Financial Advisors
18th August 2017
New York State has instituted significant cybersecurity regulations. Do they apply to Registered Investment Advisors (RIA)? While the Department of Financial Services does not regulate RIAs, following their guidance can help to protect the organization. Additionally, RIAs that handle insurance or certain other securities are subject to the regulation. Appointing a Chief Information Security Officer…
What small RIAs need to do to comply with NY DFS cybersecurity regulations
23rd March 2017
The State of New York is the first state in the country to issue a regulation that specifically requires certain cybersecurity policies, procedures, controls and personnel for financial firms. This regulation affects all organizations regulated by the New York State Department of Financial Services (DFS). That includes everyone registered under the Banking Law, Insurance Law…
Announcing RIA Cybersecurity Risk Worksheet
13th February 2017
Introducing the complimentary RIA Cybersecurity Risk Worksheet! The RIA Cybersecurity Risk Worksheet is a great tool for Registered Investment Advisors (RIAs) to do a quick initial investigation into their firm’s cybersecurity practices. The risk worksheet is an eighteen-question multiple-choice self-evaluation of your firm’s current cybersecurity practices. After answering…
Mothers, don’t let your babies grow up to use the ‘admin’ username
31st January 2017
There are many blog posts, articles, training materials and all sorts of content admonishing people to pick good passwords. But there is not nearly the same volume of content discussing good username selection. Administrators especially should be cognizant of good usernames to reduce the risk of an attack. Here at Fractional CISO we took a…
Why a virtual CISO for your medium-sized business makes sense
9th November 2016
You know you need better security for your organization. The security consultants you hired ran a penetration test on your website but did they look comprehensively at your organization’s security posture? Did they talk with your executive management about their business goals and risk tolerance for the organization? Often in the security space there is…
Password Advice – xkcd
6th October 2016
“What about ‘correct horse battery staple’ style passwords?” has been the response to our password manager post. There is a famous xkcd comic posted above suggesting that using four ‘random words’ together would make a great password. Here at Fractional CISO we have a view of the security of such passwords… eh. It is true that…