August 28 Deadline Nears for 23 NYCRR 500: Can You Pass the Compliance Test?

Less than three weeks remain for New York financial service companies to meet the initial 23 NYCRR 500 cyber security requirements set forth by the New York Department of Financial Services (NYDFS). As part of a series of rolling deadlines, August 28 is the first major deadline. In our first blog, we discussed which covered entities must comply. Whether…

DEF CON 25 and Black Hat 2017 Roundup: What We Learned in Vegas

Delta Risk’s Stephanie Ewing-Ottmers, Senior Associate, and Constantine Pavlis, Cyber Intrusion Analyst, made return appearances to Black Hat and DEF CON last week. In their own words, here’s what they experienced at the 2017 conferences.

DEF CON 25, in the words of Constantine Pavlis: From jailbreaking Apple watches to hacking the cloud to exploiting wireless radio devices, DEFCON 25 had something for…

A Pen Tester’s Perspective on Petya Ransomware

There’s no shortage of analysis on the Petya ransomware strain that struck organizations across the globe in the past month. You can find blog posts and articles covering practically every angle, from the machine language nuances of the code, to the length of the encryption key, to the possible nationality of the code writer….

What We Learned From the 2017 National Insider Threat Symposium and Expo

The 2017 National Insider Threat Symposium and Expo, hosted by the National Insider Threat Special Interest Group (NITSIG), put the spotlight on insider threat detection, behavior patterns, program development, law enforcement, legal ramifications, and future challenges. The one-day event consisted of speakers from a mix of backgrounds, including insider threat risk mitigation experts, private sector business professionals, and…

The Need for SPEED: How to Improve Your Cyber Security Incident Response Times

Today’s blog is written by our guest author, Bob Carver. He is a CISM, CISSP, and M.S. who specializes in topics about information security, privacy, and cloud security. If you look at a range of recent security industry reports, you’ll see varying times quoted for how long it takes criminals and bad actors to exploit your…

4 Ways to Integrate Your Cyber Security Incident Response and Business Continuity Plans

In most organizations, cyber security incident response (IR) and business continuity (BC) or disaster recovery (DR) are still considered separate functions and distinct disciplines. This is clearly a missed opportunity to maximize resources since they are two sides of the same coin. These disciplines share the common goals of protecting the organization’s reputation and ensuring continuity of operations. Therefore, it…