Cybersecurity is a business problem impacting the livelihoods of companies and their owners. As a result, Management and Leadership must take steps to proactively mature their information security posture. A great place to begin (or continue) maturing your security environment is through the implementation of a security framework such as ISO 27001. If you are[…]
I believe teams that go through hard stuff together come out closer and more tight-knit than when they started. Tight-knit teams get each other’s back and ultimately do great work for each other and for our clients. That’s one reason our team members make it a habit to do tough stuff together a few times[…]
Windows Servers are practically irresistible to hackers everywhere. This makes the lone Windows Server a perfect candidate for a honeypot. In this post we explore how to use a Windows Server to divert a hacker’s attention from what matters by giving them what they think is an easy win!
Cybersecurity is a business problem impacting the livelihoods of companies and their owners. As a result, Management and Leadership must take steps to proactively identify and resolve security vulnerabilities to protect company value. A great place to begin (or continue) maturing your security environment is through penetration test activities. Penetration tests can be a[…]
On April 25, 2019, join risk3sixty and other great Atlanta companies where the Atlanta Business Chronicle will release its annual ranking of Atlanta’s Fastest-Growing Private Companies (Pacesetters). To qualify, a company must be privately held; based in metro Atlanta area and not a subsidiary of another company; established first quarter 2016 or earlier (to judge[…]
Join risk3sixty on Thursday, May 9th from 11:15am to 1pm, where we will be co-hosting a NW Atlanta AWS Meetup with Afonza. AWS principal solution architect Craig Lawson will be speaking about IoT within AWS.
Phishing is when a malicious individual, using email, impersonates a sender that an internal user would have familiarity with, sometimes targeted towards highly specific personnel (Spear Phishing), to execute their intent. Attackers can do this by spoofing their email address to make it appear as though it is coming from a trusted source. Low level[…]
Studies performed by the Ponemon Institute linked 56-59% of security breaches to third parties. At the same time, companies are increasingly leveraging specialty service providers to perform critical business functions. Combined, third-party risk is being elevated to the board level and banks are scrambling to manage their vendor-related risks. The net result for service providers[…]
Cloud Companies Can Conquer GDPR with ISO 27018 Certification. Almost a year into a post-GDPR world, the question for many cloud service providers is still, “How do I evidence GDPR compliance?” With no meaningful certification in sight, the time is now for cloud service providers to be proactive in showing how they protect customer data in accordance with GDPR.
Are Pen Test and Vulnerability Scans Required for a SOC 2 Report? There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report. Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and associated Point of Focus, intended to align SOC 2 with the 2013 COSO framework.