Resources

Cyber Security Breaches – Reduce The Human Risk Factor
Blog

Cyber Security Breaches – Reduce The Human Risk Factor

Wed, 10/24/2018
You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it...
Cyber Threats
Human Risk
Data Breach
Blog

Recent phishing attacks demonstrate widespread dangers

Tue, 11/24/2015
By this point, the dangers presented by phishing attacks are becoming increasingly well known. Business leaders recognize that information security awareness is critical for organizations of all kinds, and these programs need to focus heavily on phishing if firms want to remain protected in the current cybersecurity landscape. Phishing attacks have become among the most...
Cyber Threats
Phishing
Blog

Employee error leads to Rogers Communications data breach

Tue, 03/24/2015
While certainly not the biggest data breach in recent memory, this Rogers Communications incident demonstrates how a seemingly small employee error can have significant consequences in the realm of cybersecurity. Data breaches have become major news topics and with good reason. These incidents have major implications not just for the businesses affected but also for their...
Cyber Threats
Phishing
Data Breach
Security Awareness Training
Blog

Risk of data breaches, cybercrime growing in Latin America

Tue, 03/17/2015
Latin American companies need to increase their investment in cybersecurity, including security awareness training for employees. Data breaches and cybercrime used to be seen as shocking, alarming and difficult to fathom. Today, they seem almost run of the mill. The world and many of its criminals have gone digital, and yet countless organizations have yet to embrace new...
Data Breach
Security Awareness Training
Blog

Impending breach notification laws highlight importance of security awareness

Tue, 01/27/2015
New data breach notification proposals from President Obama and other political leaders will only exacerbate the impact of these incidents. The stakes surrounding cybersecurity aren’t just increasing – they are expanding. For years now, business leaders have understood that data breaches are a serious issue, one which firms must do everything in their power to avoid. After...
Cloud Security
Data Breach
Blog

Governance and Information Security

Thu, 02/13/2014
Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources...
Compliance
Blog

Business Continuity Management Program BCM (part 2)

Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a...
Compliance

The ISO/IEC 27002 Standard

Sun, 09/15/2013
The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the...
Compliance

Identity Theft

Tue, 08/27/2013
Identity theft is not a new phenomenon, but has evolved with the advent of information technology. Nowadays, access to a large amount of information available on the Internet, the exploitation of IT or the use of various scams allow fraudsters to obtain private or confidential information about their victims in order to steal their identity and then commit malfeasance. ...
Cyber Threats
Identity Theft
Blog

Supplementary guide to achieving PCI-DSS compliance cloud computing

Tue, 05/28/2013
Cloud computing services require special attention in regards to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS...
Cloud Security
Compliance