Information technology blog, cybersecurity blog

When it comes to IT security, most businesses I speak to have become more sensitive and very concerned regarding IT security breaches.

Phishing is an old game, but the rules are always changing. I was quoted extensively, along with experts from companies like PwC, EY and McKinsey & Company, in a story for SC Magazine on developments in phishing of which CISOs, leaders and companies of all sizes need to be aware.

Following the interim rule passed down in the document DFARS Case 2019-D041 on September 29, 2020, there’s a growing number of subcontractors in the Department of Defense (DoD) supply base selling into the “Primes” who are receiving urgent requests from their customers to comply with this new requirement. Regardless how long the DFARS 252.204-7012 has been a stated requirement for DoD contract awards, this new urgency is driving a lot of activity in the Defense Industrial Base (DiB). As such, you have likely heard from a range of vendors that have offered to help you reach that goal.

Thrive Global recently conducted a Q&A with Kelser President Jim Parise as part of the outlet's series on “5 Things You Need to Know to Optimize Your Company’s Approach to Data Privacy and Cybersecurity.” The article also ran in Authority Magazine.

Senior consulting engineer Andrew Tyler was a panelist for a recent cybersecurity virtual forum presented by the Hartford Business Journal. The theme of the forum was how the pandemic has forced a change in the way many businesses approach cybersecurity in this new work-from-home world.

See this article as it originally appeared in The Hartford Business Journal. When I read last year that employees at layoff-and-buyout-battered Tribune Publishing newspapers (including the Hartford Courant) received mock phishing emails promising bonuses of $5,000 to $10,000, my heart sank. I can only imagine how the journalists themselves felt.

Picture this scenario that I’m guessing you’ve experienced before: you’re typing away at your computer when your manager asks you to swing by their desk to check out something related to the project you’ve been working on. You get up to head over – this project has been your main focus lately so keeping it moving forward is crucial - and then you pause as you are about to leave your desk. You’ve left your computer unlocked. IT always tells you how important it is to lock your computer whenever you leave it but there’s no one visiting the office today and you’ll just be gone for a few minutes. There are plenty of other employees around, so it’s probably not a huge deal, right? That pause and line of thinking is why I wanted to write this post.

See a condensed version of this article as it ran in The Hartford Courant. I also was interviewed on WFSB Channel 3’s Face the State about this topic in September 2020. When a city or company is hacked, its leaders usually don’t face the press. They hide behind a statement and news of the attack gradually emerges over days or weeks. They don’t want to field questions about what they would have, could have, should have done. Earlier in September 2020 when Hartford Public Schools canceled the first day of classes while the city recovered from a cyber attack, the mayor, school superintendent, police chief and head of IT for the city held a joint press conference. They confidently explained the situation and the city’s response. To those of us in the cybersecurity field, it was clear that the city had invested time and financial resources and was ready for this attack and that its leaders were following a response plan. It was very different from the scrambling we’re used to seeing, especially on the municipal level.