Improving record keeping and data handling is critical to keeping the trust of partners, vendors, contractors, and customers. The importance is magnified when the federal government is involved, with the goal of creating a national culture of cybersecurity that protects the information of our businesses, citizens, and government. The National Institute of Standards and Technology (NIST) created Special Publication 800-171 to help protect Controlled Unclassified Information. But what does that actually look like? How will you know you’re meeting the standards laid out in NIST 800-171? What is CUI?
During tax season, personal information is being exchanged at a much higher rate than any other time of year. Documents like W2s with Social Security numbers on them are just par for the course. It’s also a time of year when employers and employees engage in tax-related tasks that aren’t routine to them. There’s often a bit of chaos getting everything in order and even a bit of anxiety over doing it right. For hackers and scammers who rely on human error and deception, all of this combines to create ideal conditions. I was recently on WTNH’s Good Morning Connecticut alongside Michelle Seagull, Commissioner of the CT Department of Consumer Protection talking about tax hacks and scams targeting companies in Connecticut. Commissioner Seagull and I were also guests on the MetroHartford Alliance’s “Pulse of the Region” radio show with Brian Newman from CohnReznick discussing this same topic.
Start improving your cybersecurity posture now with this ebook, free when you subscribe to our blog.
As business operations are increasingly conducted online, businesses in all industries are becoming more susceptible to cybersecurity breaches. I was recently invited to discuss cybersecurity concerns and best practices for real estate agents on Real Estate Radio, a show broadcast on CBS Radio 94.9FM here in Connecticut and hosted by One and Company Real Estate’s Byron Lazine and financial planner Pat Kenny. Our discussion wound up being quite universal and applicable to almost any industry. Here are some of the highlights of my interview with Byron and Pat. Below, you’ll find the full transcript and audio of the conversation.
This fall, the State of Connecticut announced a cybersecurity action plan. In order to learn more about this--and the state of cybersecurity in Connecticut in general--we reached out to Arthur House, Chief Cybersecurity Risk Officer for the State of Connecticut. He was gracious enough to fill us in on a wide variety of topics from how Connecticut’s towns and cities are battling hackers, to why countries like Ukraine are looking to CT for guidance on cybersecurity.
Last week, the FCC voted to end Net Neutrality. I was invited on Fox61 to talk about this issue. Since it's a lot to fit into a four-minute segment, I thought I'd offer some additional thoughts here.
Infinidat has recently released version 4.0 of it's InfiniBox software, the brains behind its speedy, massive, hybrid flash/hard-disk storage arrays. What’s the big deal? A hybrid storage array that meets or beats all-flash arrays on all their traditional strong points, at the cost you’d expect from inexpensive spinning-disk arrays, plus seven nines reliability and super-fast synchronous data replication so that no data is ever at risk of being lost. As more companies discover the benefits of InfiniBox, the notion that all-flash arrays are suitable for high-performance storage may prove to be just another flash in the pan.
Given the current cyber threat landscape, we think it’s a good time to talk about what to actually do about cybersecurity. After all, though you likely hear about a new data breach or critical vulnerability every other week, awareness without action isn’t much use! Before we dive in, however, let’s talk about some thought patterns we often see that prevent companies from taking effective action on cybersecurity.
Equifax made some serious mishaps lately, both technically and incident response. What’s really disturbing: while this is the largest, this is not an isolated incident. We won’t cover the details here, since there are plenty of sources where you can find information about the breach, its consequences, and what has happened after that. What we will cover is some thoughts around what we can all learn from the events leading up to, during, and after the breach. At Kelser, we don’t want any company to fall victim to the same incident and aftermath that Equifax did. We match our recommendations to our clients’ business objectives, establishing a comprehensive and multi-layered strategy to manage risk before, during and after a cybersecurity incident.