Is Encryption Really That Hard?

The problem today is sensitive information is leaking from organizations like a dripping faucet.  The recent Equifax data breach is just the latest example of a constant barrage of leaks in the news.  All the experts say the best way to stop data leaks is by encrypting sensitive data. So why isn’t everyone doing it?   What’s the problem?  New …

Fasoo Moderates Panel on Cybersecurity and Your Company

Bill Blake, Senior Vice President and CCO (Chief Customer Officer) of Fasoo, moderated a panel discussion on Cybersecurity on September 13, 2017 at Harter Secrest & Emery LLP in Rochester, NY.  The event entitled Cyber Security & Your Company – What You Need to Know Now featured industry leaders and experts from The Bonadio Group, Fasoo, Lawley, and Harter Secrest …

You Need Data-Aware Protection Mechanisms

Data breaches pose one of the greatest threats to business and government.  With the recent data breach at Equifax magnifying the problem of data loss in businesses and the public sector, it’s time for organizations to think hard about using data-aware protection to safeguard sensitive information. The ever-changing cybersecurity landscape requires organizations to evolve beyond merely protecting the network perimeter …

Can You Stop Former Employees Taking Your Data?

It’s a good question and one that many organizations don’t think about thoroughly.  You take a lot of time onboarding an employee by doing background checks, checking references, and determining what information systems and data access the person needs to do her or his job.  You may have a comprehensive provisioning system that grants access to all applications and data. …

Can Updated FFIEC Cyber Assessment Tool Help With Other Regulations?

The Federal Financial Institutions Examination Council (FFIEC) released an update to its Cybersecurity Assessment Tool to help financial institutions establish a better baseline to identify their risks and determine their cybersecurity preparedness. The original intent of the Assessment was to provide a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time. The updates are a …

Practical Advice At Buffalo NYDFS 23 NYCRR 500 Pathways to Compliance Event

Following our successful event in Rochester, the second of the NYDFS 23 NYCRR 500 roadshow events at Phillips Lytle LLP in Buffalo, NY on May 17, 2017 brought together executives, insurance, legal, and security professionals in a great forum to discuss challenges for financial services organizations to meet the new cybersecurity regulations that went into effect on March 1, 2017.  …

Cyber Security Legislation Will Change the Face of Business

As 2017 gets underway, cyber security legislation will strengthen and force businesses to change the way they approach information security.  At the federal level in the United States, the US Congress and President have proposed numerous updates to existing regulations and new regulations to cover all facets of cybersecurity.  These include the Cyber Preparedness Act of 2016, Cybersecurity Systems and …

Keep Your High-Value Information Close, and Your Employees Closer

I recently wrote an article for Corporate Compliance Insights that focused on the importance of organizations taking proactive steps to safeguard high-value corporate data from internal and external vulnerabilities. High value information such as trade secrets, product designs, financial data and customer data can change hands often within an organization, including among people who may not need access to this …

Strengthen Your Security On World Password Day 2016

Today is World Password Day 2016 and it’s a great time to take a look at how you use, manage and protect your work and online identity.  Many of the data breaches you read about in the headlines, like the recent Reuters breach, are the results of exposed or compromised passwords.  While better identity and authentication systems exist using biometrics, …