Blog

17th November 2022

3 takeaways from the FTC’s action against Chegg for lax cybersecurity.

We are in the process of selling our house. We love our home — we have been here for 11 years — but an opportunity presented itself nearby that looks to be an even better fit for the long term. We knew things needed a bit of fixing up before putting the house on the…

10th November 2022

SOC 2 incident response: what’s required for compliance?

For SOC 2, incident response is an absolute must. If you don’t have a well-practiced plan, you’re not compliant, period. Why? To prevent scenarios like this: You get a panicked call from one of your employees at 4 pm on a Friday. “One of our data processing vendors has been hit by a ransomware attack!…

3rd November 2022

Three things to know about the new ISO 27001:2022 standard.

ISO 27001 and America’s pastime have something in common this year. Even a historic pastime like baseball, which values tradition, changes its rules every once in a while to respond to developments in the sport and the needs of its players and fans. For 2023, pitch timers will be introduced to speed up the game,…

27th October 2022

Cybersecurity risk assessments: your risk treatment map.

Running a cybersecurity program without a cybersecurity risk assessment is like sailing a ship through rocky waters without a map or lighthouse. You are not likely to successfully navigate the perilous situation without knowing where the threats are! The cybersecurity risk assessment is like a map, personalized to your business, that identifies all of the…

20th October 2022

Modernize your Cybersecurity Measurements

Among our various Black Family traditions, one of my favorites is reading to my kids at bedtime. It’s a great way to power down after a busy day and enjoy some screen-free, quality time together. Recently, my 11-year-old son and I have been reading Alexandre Dumas’s The Count of Monte Cristo. First published in 1844, it has…

13th October 2022

Do you need a CISO? Maybe. You at least need a security owner.

Do you need a CISO? It depends! However, you almost certainly need a cybersecurity leader. From hockey to cybersecurity, no team is complete without a leader. Several years ago, I was the broadcast tech director for a United States Hockey League (USHL) hockey team, the Chicago Steel. In 2017, that team won the junior hockey…

29th September 2022

Don’t lose a princely sum when your founder exits the stage.

When your founder, or another key leader, leaves your company, will the show go on like Blue Man Group? Or will your organization suffer fallout like the Prince estate? Prince died tragically and unexpectedly in 2016. Despite his wealth and success, he didn’t have a will. At the time of his death, he had no…

22nd September 2022

The Apple MDM market leaves a lot to be desired.

On April 21, 2022, Apple made an announcement that screwed many of its business customers: The company was shutting down Fleetsmith, its in-house Mobile Device Management (MDM) solution for Macs. MDMs are essential IT tools for businesses. They help admins automate device setup, updates, patching, security, and other management tasks for company-owned devices. With Fleetsmith…

15th September 2022

Cybersecurity is a team sport, so who are the players?

It’s back to school time (parents, try to conceal your understandable excitement). For my 11-year-old son, the best part about going back to school is playing cello in our town’s middle school orchestra, a spot he earned over the summer despite (pardon me while I brag) being a sixth grader in competition with 7th and 8th…

8th September 2022

Open Source Dependencies: Built Like a House of Cards

The world of modern software is built like a house of cards. Software development in the modern age is heavily reliant on open source libraries and tooling. Open source code projects are often built upon layers of dependencies – a broad engineering term for the libraries or collections of code that a larger project reuses….

« Previous 1 2 3 4 … 19 Next