
Information Risk Management Blog

NYDFS Cyber Security Regulations - Made Easy (Part 3 Final)

Feb 6, 2017 1:13:00 AM / by Anupam Bonanthaya posted in Cybersecurity, Banking, Risk & Compliance Advisory, NYDFS

The final regulations are out and will be effective starting March 1, 2017. If you are looking for an executive summary of the regulations, and if you are curious about what changed between the draft and the final one, here we go.


Our Top 10 Cyber Security Predictions for 2017

Dec 30, 2016 6:16:48 AM / by Anupam Bonanthaya posted in Cybersecurity, Information security, 2017


It is that time of the year when you look back at the year that passed by and make predictions for the new year.

We did the same for what we love, Cyber Security, and listed the Top 10 for 2017 in the form of an infographic. Check whether it matches yours.


Is Internet of Things becoming Internet of INSECURE Things?

Dec 28, 2016 5:51:14 AM / by Ameya Jhawar posted in Cybersecurity, Digital Security, IOT security

While we are getting excited about the Internet of Things (IoT) becoming the future of everything, with all kinds of technology-driven services, there has been an uneasy sense of anxiety among the security pros amongst us.

These concerns are many: data privacy issues, network and critical infrastructure security issues, DDoS attacks, targeted attacks on individuals, etc.

After the recent security incidents involving IoT devices, these concerns have bubbled up to the top because attackers have begun to exploit the "sloppy security" in the IoT ecosystem!

So what are the reasons why IoT is becoming everybody's favorite target?


NYDFS Cyber Security Regulations - Made Easy (Part 2)

Dec 9, 2016 12:02:47 AM / by Anupam Bonanthaya posted in Cybersecurity, NYDFS, Security Regulations

Being in the Financial Services industry, you must already be aware of the news about the proposed cyber security regulations by the New York Department of Financial Services (NYDFS).

In this article, we have tried to simplify the regulations by representing the 23 sections in the form of an infographic.

Even though these regulations would be enforced only on those financial services companies coming under the scope of NYDFS, companies outside NY also see this as a global benchmark, given that New York is seen as the financial capital of the world.


NYDFS Cyber Security Regulations - Made Easy (Part 1)

Dec 5, 2016 3:30:50 AM / by Anupam Bonanthaya posted in Cybersecurity, NYDFS, Security Regulations

Being in the Financial Services industry, you must already be aware of the news about the proposed cyber security regulations by the New York Department of Financial Services (NYDFS).

In this article, we have tried to simplify the regulations by representing the 23 sections in the form of an infographic.

Even though these regulations would be enforced only on those financial services companies coming under the scope of NYDFS, companies outside NY also see this as a global benchmark, given that New York is seen as the financial capital of the world.


10 Basic Things Every Organization MUST-DO for Cybersecurity

Aug 26, 2016 2:08:05 AM / by Anupam Bonanthaya posted in Cybersecurity, Cyber Security, Information security, basics of cyber security


These days, it is rare for a week or so to pass without news of a high-profile cyber attack or breach. This week it was the French submarine builder DCNS, which is building defense submarines for India, Australia, Malaysia and Chile. Last week it was SAGE. The week before, it was Oracle.

It is a common misconception that only high-profile companies in specific industries get attacked. In reality, every organization, big or small, across all industries, is a target. Or that is what the data says.

The ones who hog the headlines just got lucky.

We put together a checklist in an infographic format to cover the basics of information security: 10 basic things that every organization must pay attention to in order to stay away from the headlines when it comes to cybersecurity.


Will a Bug Bounty Program Make Your Enterprise Secure?

Jun 28, 2016 3:30:35 AM / by Anupam Bonanthaya posted in Cybersecurity, Vulnerability management, vulnerabilities, responsible disclosure, Threat Management, bug bounty


What is common between "Hacking the Pentagon" and "Hacking Google CEO's Quora account"?

It is bug bounties! The former was a super successful bounty program run by the US government last month. The latter is a hacking incident this week, "in spite" of Quora having a bounty program.

So the million-dollar security question: if you are an enterprise CISO, should you go for a bug bounty program?


10 Ways CIOs & CISOs Can Beat Talent Crunch in Information Security

Jun 15, 2016 2:18:12 AM / by Anupam Bonanthaya posted in Cybersecurity, Information security, Security, talent, SOC, security analytics, security services, hiring, infosec, managed security


Information Security has jumped 33% to become a Top-3 priority for IT executives in 2016. Now, with the increasing importance of information security to organizations, the biggest hurdle is no longer buy-in from the board or even the budget dollars; it is the "availability of talent"!

Information Security professionals are at the top when it comes to the talent crunch. In this article I will cover 10 ways to deal with the talent shortage you are facing today.


4 Immediate Changes to make Traditional Vulnerability Management to Work

Jun 2, 2016 8:05:00 AM / by Amit Ranjan posted in Cybersecurity, Vulnerability management, Vulnerability Intelligence, zero day, security analytics, vulnerabilities, cyberthreat, infosec, vulns


We all know that the traditional find-and-fix practice of vulnerability management has many challenges and, as a result, is not really equipped to do a good job of managing exploits in today's information security scene.

In this article I want to talk about the 4 things you should do in order to make it work better.


Time to Re-think Vulnerability Management ? These 5 Facts Say So...

May 24, 2016 11:50:53 PM / by Anupam Bonanthaya posted in Cybersecurity, databreach, Vulnerability management, Vulnerability Intelligence, security analytics, vulnerabilities, cyberthreat, infosec, vulns


Do you know what the most predictable trend in Information Risk Management is?

It is vulnerabilities. If you review data breach reports from the last few years, you will notice one thing that is very consistent, and it is the vulnerabilities! The only change is that things have become worse over the years, and it looks like the trend will continue.

Does it say something about our approach to managing vulnerabilities?  Perhaps!

So are we missing something? Perhaps!

In this post I have pulled out 5 trends that I feel clearly indicate that the current approach of vulnerability management is not working, and it is time to re-think our approach.
