30 Minutes and Your Identity is Stolen!

Within 30 minutes of searching the Internet, a fraudster can find your personal information and begin the process of stealing or compromising your identity.   Three Years to Three Months – How Soon Can You Tell If Your Identity Was Stolen? Based on Experian.com, it typically takes three months for the majority of people to discover they have been victims …

What is: Data Classification Policy

Executive Summary: Data classification policies establish criteria for ranking data based on the resulting impact of loss or theft on an organization. The impact of loss or theft includes the cost to recover data, adverse impact on organizational reputation, operational downtime, legal fines and penalties, and overall financial liability. Data classification policies are an essential part of a Written Information …

The California Consumer Privacy Act (“CCPA”) is Now Effective: What Does It Mean for Your Business?

Did you know?  The California Consumer Privacy Act of 2018 (the “CCPA”), one of the most stringent and far-reaching consumer privacy laws in the country, became effective as of January 1, 2020. The CCPA significantly expands the privacy rights of California consumers by imposing new requirements on businesses to disclose what categories of personal information will be collected, the purpose …

Finding Vulnerabilities is a Good Thing

How do I know the unknown? No matter how cautious a company is in designing and defending its information security systems, there is always the potential for data breaches and cybersecurity incidents. One method to find these vulnerabilities before a threat actor does is to test your security using some of the same techniques that criminals do, first. Penetration tests …

A Risk Assessment Will Identify a Path to Success

Did you know? A risk assessment is a process to uncover gaps and to document a road map for better cybersecurity practices and organizational resilience. It can often determine the cost and likelihood of an incident while quantifying the need for security spending. How does it work? Risk assessments should be performed on IT assets, especially those containing Personally Identifiable …

Incident Response Planning: Having a Play in Your Playbook

Did you know? An Incident Response Plan is an operational playbook that helps minimize the financial and reputational impact caused by an incident for an organization. By creating an Incident Response plan and team, organizations respond better to cybersecurity incidents, quickly resuming normal business operations, and promptly alerting relevant stakeholders, authorities, and regulatory agencies to meet all regulatory requirements. Do …