Risk Assessments Archives

CIS RAM (Center for Internet Security® Risk Assessment Method) was developed by HALOCK Security Labs in partnership with CIS. HALOCK had been providing CIS RAM methods for several years with a positive response from legal authorities, regulators, attorneys, business executives, and technical leaders. (more…)

We Just Gave Away Our Cyber Security Intellectual Property. It was the right thing to do.

Why a Chicago-Based Cyber Security Firm Just Released its Prized IP.
By Chris Cronin, ISO 27001 Auditor, Partner (more…)

EMPLOYEE SOCIAL MEDIA ACCOUNTS MAKING YOUR NETWORK VULNERABLE?

Social media seems harmless enough especially when your employees stick to using it for personal reasons, but it can indirectly be responsible for critical security breaches. With some social engineering and patience, an attacker can use personal social media profile information to gain access to your corporate network. The attack is completely outside of your (more…)

PRIVACY VS SECURITY – WHAT’S THE DIFFERENCE?

The ever-increasing demands from laws and regulations to protect personal information comes with confusion about what exactly our protection responsibilities are. One source of that confusion is in the use of the terms “privacy” and “security.” While “privacy” and “security” are both common terms used in laws, regulations, and security standards, they mean very different things and they are managed very differently. In (more…)

WHAT KIND OF SECURITY ASSESSMENT DO I NEED?

What kind of security assessment do I need? It’s a question we at HALOCK Security Labs hear all the time. Every regulation and information security standard in existence tells us that we must undergo some kind of regular assessment. But the security field has not been consistent in advising what kinds of assessments fit which purpose best. (more…)

THE FTC IS TELLING US THAT PCI DSS CERTIFICATION IS NOT ENOUGH. NOW WHAT?

As part of its enduring interest in LifeLock, Inc., the Federal Trade (more…)

THE JP MORGAN CHASE HACKER INDICTMENTS EXEMPLIFY HOW BACKWARD THE INFOSEC SPACE IS

HACKER INDICTMENTS – Cybersecurity audits mean nothing to hackers. And in fact, neither do short-sighted privacy regulations. Hackers have been showing us this for years. And not just because they find ways to exploit systems before you have a chance to lock them down. It’s more than that. Hackers find value in your systems and data that you don’t think are interesting enough (more…)

REDUCING RISKS THROUGH COMPENSATION: HOW TO INSTITUTIONALIZE RISK MANAGEMENT IN EMPLOYEE INCENTIVE COMPENSATION PLANS

REDUCING RISKS THROUGH COMPENSATION. Has your organization been struggling to achieve its compliance goals? Whether your organization is new to risk management or you’ve been struggling with compliance for some time, making compliance a part of every employee’s compensation plan is a (more…)

SIX THINGS TECH START-UPS CAN DO TO IMPROVE THEIR SECURITY POSTURE

The Internet of Things (IOT) and Cloud Computing has provided business and consumers with unimaginable tools and functionality, not to mention immense entrepreneurial opportunities. Along with the connectedness of these solutions comes increased security risks that many entrepreneurs, start-ups, and venture capitalists need to be aware of before either launching into the tech industry or (more…)

Previous 8910 Next