Compliance and Risk Management in the Spotlight: Lessons Learned from the SolarWinds Hack

Solarwinds security breach

We recently wrote an article discussing, briefly, a data breach for the security firm FireEye. At the time, FireEye claimed that the breach was the result of a foreign attack, a state-sponsored cyberattack, an event that has unfortunately become the norm in 2020. As we, along with the rest of the country, have learned the FireEye breach was connected to the massive SolarWinds hack, one that many are calling one of the largest security breaches in U.S. history. 

Here, we’ll talk about some of the basics of the attack, including how it happened and its impact. The lessons we can learn from the SolarWinds hack can emphasize just how important risk management is for companies large and small across the U.S.

Read More

ISO 27000 Demystified

ISO 2700 Blog Post

ISO what?

The ISO (International Organization for Standardization) and the IEC (International Electrotechnical Commission) provide a globally recognized framework for best-practice information security management: the ISO/IEC 27000 family of mutually supporting information security standards (also known as the ISO 27000 series).

The most well-known of the series is ISO 27001, which sets out the specification for an ISMS (information security management system).
The series is developed and published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

Read More

Something Phishy is happening – Phishing Scams on the Rise

Phishing Featured COVID 19

Coronavirus-related Phishing Scams and Attacks on the rise

Cybercriminals have been taking advantage of the coronavirus outbreak to target people with phishing scams and malware in the guise of information relevant to the disease. These attacks typically take the form of malicious apps, phishing emails, and phony websites. In addition, the US government has been offering stimulus payments, presenting another area ripe for exploitation by scammers.

Read More