Quand le « nuage » tombe sur un orage

Ce fut un bel été, avec une série malheureuse de catastrophes naturelles (ouragans et tremblements de terre) qui ont provoqué des dégâts considérables dans certaines régions du monde. Du point de vue de la continuité des opérations et de la reprise après sinistre, il y a beaucoup à réfléchir. Qu’est-ce qu’un DSI peut faire ? […]

Cómo evitar un ataque Ransomware

El Ransomware ya es considerado como una de las grandes amenazas de seguridad actuales y cuesta a las empresas miles de millones de pérdidas anuales. Ha llegado el momento de proteger su organización de cualquier ataque potencial. Las empresas necesitan una solución que evalúe la capacidad de la organización para soportar ataques de este tipo, […]

Smishing, la última ciberamenaza móvil

Si hay algo en lo que un profesional de IT y un ciberdelincuente pueden coincidir es en que el punto más vulnerable de cualquier red lo constituye el propio usuario. ¡Los usuarios móviles nos ponen las cosas más difíciles! Perderán sus teléfonos, descargarán aplicaciones de sitios no seguros y accederán a datos confidenciales de la […]

How to avoid a ransomware attack

Computer Security

Ransomware is a major security threat, three companies alone in 2017 identified $700 million worth of damage from recent attacks, and the global damage is assessed to be exponentially higher. Businesses recognize the severity of the threat, and now need to develop strategies to minimize their risk. The first step is a thorough diagnosis of […]

Your company has been hit with ransomware: What’s the best response?

Ramsonware

Organizations hit with ransomware must decide if the situation has become extreme enough to pay the ransom.  Although law enforcement adheres to a strict policy of not negotiating with the extortionists, nuances do exist. Companies need to understand the full spectrum of options, how interactions with the criminals may evolve and how to position the […]

Getting the analytics right for GDPR compliance – and beyond

The challenges of complying with the European Union’s new General Data Protection Regulation (GDPR) are clear: Every organization serving customers in the EU — including organizations outside the EU that offer goods or services to individuals within it — will need to comply with new data privacy rules by May 2018. The clock is ticking, […]

Vulnerability assessment vs. penetration testing

Even in professional circles, there often seem to be differences of opinion over the value of Vulnerability Assessment versus that of Penetration Testing. This can lead to gigs with over-prescribed scopes, resulting in poor value to the client. Let’s talk about the differences between the two and why each is important in an effort to, […]

L is for legal

This post is part of a continuing series, “Digital: from A to Z,” that explores what it means to be “digital” from A to Z, broken down into individual blog posts diving deeper into various subjects. Check back regularly to see continuing posts as I work my way through the alphabet and let me know: What’s […]

Seven hacker documentaries you can’t miss

code hacking

The Summer grinds toward its unofficial Labor Day end. The days are still long and hot. The humidity is thick. It’s a time of the year when I like to tuck myself indoors and catch up on movies I’ve missed and old favorites. One of my preferred subjects is hacking. And to get a sense of […]

To lower enterprise risk, get cyber resilient

The digital transformation of business puts information technology at the center of your enterprise. At the same time, it greatly expands risks to the enterprise. As these cyber risks become central to both operational and business risk, they’ll have a greater influence on the enterprise’s overall risk. What you need is cyber resilience. That’s the […]