How do you know if you have a solid cybersecurity program? You may have anti-virus installed and you change your computer password quarterly, but how do you know if your security program is truly effective? When you can’t see your gaps, it’s hard to make improvements and even harder to pick up the pieces after a security breach. That’s why Cybersecurity Consultants, like ProCircular’s Andrew Chipman, collect all the information they can, then measure your active security controls against their library of applicable standards.
Read More
Topics:
HIPAA,
Information Security,
Data Protection,
it risk assessment,
DFARS,
Manufacturing,
risk
If you’re reading this, it’s very likely that you know how to use the internet. It’s also likely you’ve made an account on the internet somewhere. When you created your last account, what kind of requirements were you forced to use? For a number of web services, these requirements still follow the 2003 NIST SP 800-63 Appendix A standards that recommend an 8-character minimum, containing one uppercase, one lowercase, one digit, and one special character (Ex: Procircular1!).
Read More
Topics:
Cybersecurity,
Data Protection,
Personal Privacy,
hacking,
NIST,
Passwords
Let’s take a look at an often under-utilized aspect of network topology in the small to medium business realm: that’s right, a networking article. But before you run off, what if I told you you could increase performance and lower your production down time with equipment you (might) already have!?
Read More
Topics:
Cybersecurity,
Network Security,
consumer security,
Data Security,
Data Protection,
security incident handling,
cybersecurity plan
The reason we wear our seat belts is not to avoid getting a ticket from the police, but rather to avoid a potential injury in a car accident. This analogy is an easy way to describe the difference between box-checking security and real security, and it's instantly understood regardless of technical knowledge. This message resonates with executives, because they typically prefer to “get to the point” and correctly protecting their data is “the point” of cybersecurity.
Read More
Topics:
HIPAA,
Information Security,
consumer security,
Data Security,
Data Protection,
Vulnerability Assessment,
it risk assessment,
DFARS,
cybersecurity plan,
NIST
Data ownership and classification are usually initiatives companies think about much after implementing many other layers of controls like firewalls, patching, or antivirus. But because of legislation like Health Insurance Portability and Accountability Act (HIPAA) and the US Family Education Rights and Privacy Act (FERPA) companies are required to know what data they possess and assure they are securing it. Most organizations retain large quantities of data and some even call it “big data” but many do not have the certainty of what type of data it is, what are the data elements, where it is stored, when it should be destroyed, and how to protect it. This article will explore those elements and highlight the importance of data ownership and classification.
Read More
Topics:
Cybersecurity,
Data Classification,
Information Security,
Data Retention,
Data Security,
Data Protection,
Data Ownership
