Blogs

Bringing Outsiders Into Your Compliance Team: Four Considerations

Richard Graham - Head of North American Business Solutions, BAE Systems Applied Intelligence  •  February 11, 2020

Money Laundering investigators are in high demand: banks and other financial institutions have spent almost two decades hiring more and more of them.

Growing Medical Device Sophistication Opens Security Issues

Tony Howlett  •  January 29, 2020

Securing medical devices properly is of crucial importance. However, before this goal can be completely achieved, there are several challenges to overcome.

NIST 800-171 & Why Organizations Need Password Similarity Blocking in Active Directory

Josh Horwitz  •  January 7, 2020

Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.

HIPAA Standard 164.312(d): MFA to the Rescue

Emil Hozan  •  December 26, 2019

Humans have enough things to remember as it is and remembering yet another number or string isn't something anyone looks forward to.

Is AI The Ultimate Weapon in The Fight Against Financial Crime?

Gareth Evans  •  December 20, 2019

No matter how good the lock on your door, sooner or later someone can break in. When they do, how do you monitor them?

Identity Theft Protection: A Crucial Consideration in Today's Heightened Environment

Allen Spence  •  December 16, 2019

According to the Identity Theft Resource Center, there were over 1,200 reported breaches last year alone, which exposed over 400 million records.

Is your Organization Suffering From Third-Party "Compliance Drift"?

Tony Howlett  •  December 13, 2019

Third-party vendors accessing your most critical systems and networks can also bring in security incidents along with all those wonderful things they promised in the sales presentation.

Don't Forget The Basics: KYE Means KYC

Simon Viney  •  December 6, 2019

We can see criminals are moving up the financial value chain from attacking lots of targets with smaller rewards to smaller numbers of targets with higher rewards

The Hidden Cost of a Third-Party Data Breach

Tony Howlett  •  December 4, 2019

Your best bet to avoiding the potentially exorbitant costs of a vendor hack is to not have one in the first place. A solid vendor risk management program, backed up by technology, policies, and procedures is the best protection. Good review and audit processes can catch any vendor-related problems before they become...

5 Things All Smart Security Leaders Need to Do Right Now

Amanda Fennell  •  November 20, 2019

Developing a mature security program takes time, but I've met many forward-thinking security leaders who've made swift and lengthy strides in protecting their clients' data. With those lessons in mind, here are five things any organization can do today to create immediate, measurable security benefits,

4 Key Considerations for Employee Password Hardening & Compromised Password Monitoring

Mike Greene  •  November 19, 2019

The new method of weak and compromised continuous password monitoring can reduce user frustration and IT burden.

New Kids On The Block: Novel Tactics and Perpetrators

Michelle Farr  •  November 19, 2019

Mobile technology allows customers complete control over their banking security via their smartphones, however recent fraud cases have seen criminals virtually hijacking mobile phones to intercept alerts and texts.

4 Automated Password Policy Enforcers for NIST Password Guidelines

Mike Greene  •  November 15, 2019

Beating The Crypto-Criminals

Gareth Evans  •  November 14, 2019

Instead of proving a flash in the pan, enthusiasm for cryptocurrency has grown - and with it the associated fraud. Cyber criminals were quick to develop malware with the aim of stealing cryptocurrencies, with attackers finding ways to exploit the anonymity offered.

3 Reasons to Do a 'Proof of Concept' With MDR Providers

Carl Scaffidi  •  November 13, 2019

When our company set out to find a managed detection and response provider, one thing was clear: We needed to put vendors to the test with a proof of concept.