Business Cyber Risk
Analyzing the Global Impact of Cybersecurity, Law, and Business Risk
Business Cyber Risk

***URGENT*** MEMO TO: “The IT Guy” RE: Securing RDP Access–Changing the RDP Port Does Not Work!

***URGENT MEMORANDUM*** TO:   “The IT Guy” FROM:   Your clients’ Incident Response Coach SUBJECT:   Securing RDP Access–Changing the RDP Port Does Not Work! This Memo comes out of necessity, please take it seriously. I have now lost track of how many times over the past couple of months I have been on “scoping calls” with a…

Read More

Think your company is too sophisticated to be hit with a successful cyber attack? Ask FireEye …

A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful cyberattack against it. They think their company is doing it all right and this is only the kind of stuff that happens to “the…

Read More

2 Critical Cyber Insurance Issues All Companies Must Consider Now, Before an Incident!

There are two critical cyber insurance issues that every single company must understand right now, before they have an incident:  In today’s environment, every company has substantial cyber risk and every company needs cyber insurance. Period. Cyber insurance is not covered by typical business insurance and companies must have the right cyber insurance for their…

Read More

Simple Mistakes – Not Always “The Hackers” – Can Cause Substantial Data Breaches

It is not always the feared and dreaded “hackers” that cause the exposure and breach of confidentiality of sensitive personal information. Sometimes it’s just simple mistakes, but the consequences can be much the same. Consider this situation: NTreatment inadvertently exposed thousands of medical records online by neglecting to add password protection to one of its…

Read More

Think your company is too sophisticated to be hit with a ransomware attack? Ask Advantech …

A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful ransomware attack against it. They think their company is doing it all right and this is only the kind of stuff that happens to…

Read More

The Home Depot / State Attorneys General Settlement – My 1st and 2nd Thoughts

The Attorneys General of 46 states reached a $17.5 million-dollar settlement with The Home Depot, which was announced on November 24, 2020. Texas Attorney General Ken Paxton announced that this settlement was led by the Connecticut, Illinois, and Texas AGs and Texas will collect $1,777,440.00. I will have more to say about this settlement in…

Read More

ASPR Warns Ransomware Threat is Persistent, as Actors Leak More Data

“In general, maintaining anti-ransomware best practices like the 3-2-1 backup system or conducting regular vulnerability scanning to identify and address vulnerabilities will help protect your organization against future threats from other ransomware operators,” according to the alert. — Read on healthitsecurity-com.cdn.ampproject.org/c/s/healthitsecurity.com/news/amp/aspr-warns-ransomware-threat-is-persistent-as-actors-leak-more-data

Read More

Free Virtual Event: Reimagine Your Company Operating Again After a Ransomware Attack (DBU Tech Symposium)

You are invited to attend a free virtual DBU Tech Symposium on November 18 – 19, 2020. Did I mention this is both free and virtual? You have no excuse for not attending! RSVP here: https://www.dbu.edu/pages/tech-symposium/  I will be presenting on Wednesday, November 18, from 2:30 – 3:00 pm CT and the title of my…

Read More

Podcast: #DtSR Episode 410 – TPA CISO Accountability Problems

I was a guest recently on the Down the Security Rabbithole Podcast with Raf Los, James Jardine, and Brandon Dunlap for episode 410 titled TPA CISO Accountability Problems. As they described it: Because we can’t get enough of Brandon Dunlap and Shawn Tuma over here on the podcast, here we go again. Last episode Brandon…

Read More
%d bloggers like this: