Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 3 days ago

New blog articles detected

  • Assessing your Control Environment in a Risk Assessment

    For any business, regular risk assessments are a fundamental part of a risk management process. They allow you to determine your acceptable level of risk and what control measures you need. Calculating a risk rating is a fairly involved process and a lot of information is required. You need a holistic view of the entire system, process, or application in order to fully understand what’...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 3 days ago

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 3 days ago

New blog articles detected

  • 6 Steps to a Cybersecurity Risk Assessment

    Businesses face risk every day. It’s a part of getting business done, especially in our digital world. Managing risk is critical, and that process starts with a risk assessment. If you don’t assess your risks, they cannot be properly managed, and your business is left exposed to threats. A successful risk assessment process should align with your business goals and help you cost-effect...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 2 weeks ago

New blog articles detected

  • Creating a Cybersecurity Culture Part 5: Practice Matters

    So you’re well on your way to creating a cybersecurity culture in your organization. You’ve built a foundation of institutional knowledge, and you’ve carefully considered how people, process, and technology play a role. But there’s one more element to think about, and that’s testing. Actually not just testing, practice is also important. One of our security advisors often says, “You ca...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 3 weeks ago

New blog articles detected

  • Creating a Cybersecurity Culture Part 4: Technology

    Bill Gates once said, “The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency.” In terms of a cybersecurity culture this couldn’t be more true.

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 4 weeks ago

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Creating a Cybersecurity Culture Part 2: People First

    Building a Cybersecurity Culture is important in our current threat environment. It can ensure that an incident only causes a minor interruption to business-as-usual – not a major disruption (or worse).  Cybersecurity is made up of three important elements – people, process, and technology – and each must be developed for a cybersecurity culture to endure. In part two of our blog serie...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Creating a Cybersecurity Culture Part 1: Institutional Memory

    In the current cyber threat environment, organizations must be vigilant. Vigilance begins with preparation. Being prepared starts with being aware. To be successful, you need to develop cybersecurity awareness throughout your entire organization, which leads to institutional practices that support the secure execution of your business strategy. You need to create a culture of cybersecu...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Assessing Vendor Cyber Readiness: What to Look for in a SOC Report

    Even when contracting with a third-party service provider or other vendor, protecting your data is always your responsibility. Establishing a vendor management program allows you to have proper oversight of these vendors, and is an essential element of your organization’s cyber resilience strategy. You need to understand how your critical and high-risk vendors manage their own internal...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Managing Vendor Cybersecurity Risk: What to Do Before You Sign

    In today’s business world, it’s pretty common to rely on third-parties to perform or support critical operations.  However, this reliance opens your organization up to cyber risk, especially if you work with vendors who have access to your customer and/or sensitive data or access to your internal network.  This access effectively expands your cyber-attack surface.  That’s why having a ...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 2 months ago

New blog articles detected

  • Creating a Vendor Management Program to Mitigate Cybersecurity Risk

    Since the hugely-publicized Target breach of 2013, the importance of understanding the cybersecurity environment of your business’ third-party vendors has grown.  This breach served, in part, as a catalyst for new requirements and best practices.  For example, in 2015, the Federal Financial Institutions Examination Council (FFIEC) updated their Business Continuity Booklet, which is one...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 2 months ago

New blog articles detected

  • Windows SMB Zero Day Exploit Threat Advisory

    US-CERT released a warning on Thursday 2/2/2017 about a Microsoft Windows vulnerability caused by a memory corruption bug in the handling of SMB traffic.  This vulnerability may allow a remote, unauthenticated attacker to cause a denial of service (crash or reboot) in a vulnerable system.

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 2 months ago

New blog articles detected

  • Conducting a Cyber-Crime Exercise in a Smaller Enterprise

    When we talk about designing a great cyber-crime exercise, we always say that you need eight things to make it work. That sounds like good advice for a larger company, but what if you are in a smaller organization, say one with less than 300 employees? Can you still do this type of exercise? The answer is a resounding “yes!” A well-designed cyber exercise CAN be conducted in a smaller ...

  • What You Don’t Know: Cyber Defense Against Unknown Threats

    Even with all the traditional cybersecurity defenses, breaches still occur.  “So, why haven’t these traditional security products adequately protected you?” asked Jack Walsh, New Initiatives and Mobility Programs Manager at ICSA Labs, during his talk at the 2016 CyberCrime Symposium.  According to Walsh, it’s due, in part, to the fact that while they do an okay job against known threat...

  • Cyber Insurance: Are You Covered?

    Back in the late ‘90s, the insurance industry came out with an early cyber insurance product. As it was a product for Y2K losses, “it was a dud, and when it died, everybody thought that cyber insurance would never take off,” said Peter Foster, in the opening remarks of his session at the 2016 CyberCrime Symposium on cyber insurance realities. "Today," said Foster, who helps large compa...

  • Behind-the Scenes: Demystifying Malware

    The frequency and size of malware attacks and the havoc they wreak are generating a continuous stream of media coverage, attracting eyeballs with often shocking details of breach size. What’s often missing in news stories on data breaches are critical behind-the-scenes “players” – the employee roles and IT systems targeted, the technology infrastructure that supports an attack, the mal...

  • Cybercrime Attribution Analysis:  The Cyber Who Done It

    As much as cybersecurity professionals need to be concerned about insider threats, the bulk of data breaches are still the work of outside forces. "In 2015, 77.7% of all the data breaches we tracked came from the outside,” said Jake Kouns, CISO for Risk Based Security, a consultancy that helps organizations apply analytics to real-time data to monitor activity, and CEO of the Open Secu...

  • Don’t Blame Bitcoin for Ransomware

    Though it’s been around in various incarnations for a couple of decades, ransomware is one of the hottest topics in the world of cybersecurity, and for good reason. It’s malware on the rise, thanks to its role in a growing number of successful cyber-attacks and the high ROI it delivers.

  • Cybersecurity Awareness Can Be Fun and Games

    Like most cybersecurity experts, Ira Winkler has a wealth of stories that illustrate how dangerous user behavior can be to cybersecurity. He’s also got something more. A “modern-day James Bond,” Winkler is indeed a straight shooter, with a humor-laced delivery style that’s well suited to the topic of gamification – a tool he sees as instrumental to cybersecurity awareness and the subje...

  • Mobile Malware’s Getting Smarter

    Despite their immense popularity, ubiquity, and ability to find their way into just about any IT conversation and industry content, mobile devices haven’t attracted much interest from the attack side. Though device infections did reach a new high in April 2016, they comprised just 1.06% of total malware infections, explained Kevin McNamee, director of Nokia’s Threat Intelligence Lab, d...

  • Managing IoT Risk: The Internet of Things is a Lot of Things

    The Internet of Things (IoT) is, both literally and figuratively, a lot of things. At this point in its evolution, it’s something of a paradox. While IoT as an infosec topic pursues cybersecurity professionals wherever they go, its nature is to blend into its surroundings. In fact, in his presentation at the 2016 CyberCrime Symposium, Chris Poulin likened it to the iconic chameleo-crea...

  • Lessons from the 2016 CyberCrime Symposium

    Cybersecurity professionals get no relief. For every threat they counter, there are hundreds more waiting to strike, or some new point of vulnerability to consider. With the IP-enabling of every manner of device, machine, and facility, physical security managers are in the same pressure cooker as their IT counterparts. We’ve entered the era of cyber convergence, where both groups will ...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 6 months ago

New blog articles detected

  • Penetration Test Methodologies to Find Vulnerabilities Inside and Out

    While everyone may be tired of hearing, it’s not if you’ll be breached, but when, it’s the reality of our current environment. Breaches are exploding in scale and scope, and with the availability of malware-as-a-service, it’s no longer a bunch of individual lone hackers trying to get in. It’s a business model. One that’s incredibly organized and highly profitable. As such, part of your...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 7 months ago

New blog articles detected

  • It's More than a Vulnerability Scan: Penetration Testing Explained

    When I ask information security professionals what keeps them up at night, many times they say, “What I don’t know.” It’s no surprise – with reports of breaches on an almost daily basis, it’s impossible to ignore that there are a lot of hackers out there trying to get into networks wherever they can, with tools and techniques that are constantly evolving.  As such it’s important to be ...

  • Navigating a HIPAA Reporting Event when Hit with Ransomware

    People responsible for cybersecurity in every industry are familiar with the scourge of ransomware. If hit, your organization could be exposed to some very serious regulatory consequences on top of the public embarrassment, technical costs, and financial losses from the incident. For Healthcare entities, HIPAA guidance on exposure of patient information can be very difficult to navigat...

Sage Data Security, LLC

Category: Content
Type: Blog Article

Generated 7 months ago

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in