Tag Archives: compliance

An Infographic to Implement an IT Governance, Risk, and Compliance Framework and a Risk Management Framework

I built an Infographic to Implement an IT Governance, Risk, and Compliance Framework and a Risk Management Framework. I do hope everyone finds it useful. A good solid framework is a critical foundation to lay for managing risk in businesses …


RSA Archer and GRC

Yesterday I gave a presentation on RSA Archer and GRC at a lunch and learn. I got a lot of lovely compliments. Topics were focused on Governance and Risk Frameworks, and processes.


Just Accept the Risk

Lately, there is a lot of risk management in my life.


What is GRC?

Governance, Risk, and Compliance. A nice infographic.


A Different Terror in France!

Airport systems in Paris Orly International Airport use a system called DECOR, which is used by air traffic controllers to communicate weather information to pilots. Pilots rely on the system when weather conditions are poor. The problem with DECOR is …


Cybersecurity Bill of Rights Adopted by NAIC

On October 14th, 2015, the National Association of Insurance Commissioners (co-developer of the Model Audit Rule) adopted the Cybersecurity Bill of Rights. The Cybersecurity Bill of Rights describes what you can expect from insurance companies, agents, and other …


AT&T Data Breach = $25 Million Dollar Fine

AT&T data breaches exposed about 280,000 U.S. customers’ names and full or partial Social Security numbers. The breaches occurred at call centers used by AT&T in Mexico, Colombia, and the Philippines when employees accessed sensitive customer data without adequate authorization. …


Hillary Clinton. Email Admin.

Perhaps it's because Government servers are strong hacker and espionage targets. The New York Times reports that Hillary Clinton used only her personal email (hdr22@clintonemail.com) address while serving as Secretary of State. As others have reported, a hacker calling him …


Survey Says 80% of Security Risks are Users

Bromium surveyed 100 security professionals to see what they thought their biggest security risk was. Through my own research, I have found that the best way to give security awareness training is NOT this way, with one-time security awareness …


Need a New Password? Try Passweird

Passweird is a fun and interesting way to generate a password that meets most regulatory compliance password requirements. In other news, cyber thieves have started targeting password managers, like KeePass.
