Top 3 Components of a Healthy Security Program

There are a lot of moving parts to a security program, and trying to keep track of what’s important and what isn’t can quickly become overwhelming. Although there are lots of things to consider when you’re building, retrofitting, or managing an existing security program, there are three main components to any healthy information security program:...

A List of Information Security Program Documentation

Information security program documentation is important to ensuring that the program is adhered to throughout an organization. This documentation can serve as a means of establishing a benchmark for the security program so that your organization can see the impact of any change and progress. The documentation should also provide enough information to help employees...

How is Security Defined in an Organization and Who Leads It?

An Information Security Program is a system for protecting the confidentiality, integrity, and availability of information within a business. In most organizations, there are two potentially related groups that can be called the security group: Physical Security: The first group is charged with protecting the physical building and the people within it. At its core,...

The New European Union (EU) Data Protection Regulations & Procedures [VIDEO]

The objective of this document is to give a high-level overview of the new rules and regulations surrounding the newly passed European Union (EU) General Data Protection Regulation (GDPR). This new regulation is replacing the 20-year-old directive (95/46/EC). All Companies Must be in Compliance with EU’s General Data Protection Regulation: Keep in mind, by May 25,...

Implementing a HIPAA Compliant Security Program

Over the past couple of years, there has been a dramatic increase in security-related attacks on all businesses. At the core of these attacks is a desire by the attackers to acquire valuable data that can be used for illicit monetary gain. Few industries manage data as valuable as the health care discipline does. As...

Top 5 Best Security Program Development Practices

1. Select activities and remediation efforts that your current team can do.
2. Pick activities that can help you understand your environment.
3. Choose projects that can be done quickly to gain momentum.
4. Build out your processes first.
5. Find expert help.

Be Involved with Customer Security Audits — Answers Matter

Many companies that send out information security assessments have thousands of third parties that they’re sending them to. Because of this, they generally employ a red-flag model to have assessments of interest bubble to the top of the pack. This isn’t necessarily a valid model to assess the security of another company, but it’s still...

Veterans in Security: Related Cyber Security Terminology

Cyber Security is a relatively new field. Fortunately for veterans, many of the concepts and much of the terminology are directly related to the military. Security, investigations, perimeter protection, encryption, intelligence, and threat analysis are all concepts and terms a veteran is trained to understand from their time and experience in the military. Standard Operating...

What Is Security?

Defining Security Is Essential In Any Organization: Security is defined in many ways within an organization, from locks on the doors, to computer passwords and anti-virus software. Your definition of security is going to be different than mine. It’s also going to be different than the definitions from all of the stakeholders and employees in...

What Can We Learn From Russian Hacking?

Lessons in Security Development from Russian Hacking: There are lots of conversations about whether we should do more investigations based on the constant attacks. When looking at this from the perspective of what matters to the common organization, we need to understand two things: 1. If an attack occurs on your organization, do you have...