Sage Advice - Cybersecurity Blog

Creating a Cybersecurity Culture Part 3: Process

When building a cybersecurity culture, process plays an integral role. Every process should include learning, improvement, and accountability touch-points, and should produce end-to-end evidence that the function it represents was actually carried out as intended.

Let’s review what this looks like in practice.

Topics: Cybersecurity Culture

Creating a Cybersecurity Culture Part 2: People First

Building a cybersecurity culture is important in our current threat environment. It can ensure that an incident causes only a minor interruption to business-as-usual, not a major disruption (or worse). Cybersecurity is made up of three important elements, people, process, and technology, and each must be developed for a cybersecurity culture to endure. In part two of our blog series we'll look at how people fit into a cybersecurity culture. There's a tendency to get into an IT-first conversation when discussing cybersecurity, but it's really a people-first conversation. Without people there would be no culture, and nothing to protect.

Topics: Cybersecurity Culture

Creating a Cybersecurity Culture Part 1: Institutional Memory

In the current cyber threat environment, organizations must be vigilant. Vigilance begins with preparation. Being prepared starts with being aware. To be successful, you need to develop cybersecurity awareness throughout your entire organization, which leads to institutional practices that support the secure execution of your business strategy. You need to create a culture of cybersecurity.

Topics: Security Policy, Cybersecurity Culture

Assessing Vendor Cyber Readiness: What to Look for in a SOC Report

Even when contracting with a third-party service provider or other vendor, protecting your data is always your responsibility. Establishing a vendor management program allows you to have proper oversight of these vendors, and is an essential element of your organization’s cyber resilience strategy. You need to understand how your critical and high-risk vendors manage their own internal control environment and/or their connection to yours, so you can ensure they will meet or exceed your internal policy and standards requirements.

Topics: Vendor Management

Managing Vendor Cybersecurity Risk: What to Do Before You Sign

In today's business world, it's common to rely on third parties to perform or support critical operations. However, this reliance exposes your organization to cyber risk, especially with vendors that have access to customer or other sensitive data, or to your internal network. That access effectively expands your cyber-attack surface. That's why a vendor management program should be a critical part of your operations. You have sole responsibility for protecting your data (you can't outsource that), so you need to understand how your vendors manage their own internal control environment and their connection to yours, and confirm that it meets or exceeds your internal policy and standards requirements.

Topics: Vendor Management

Creating a Vendor Management Program to Mitigate Cybersecurity Risk

Since the hugely publicized Target breach of 2013, the importance of understanding the cybersecurity environment of your business' third-party vendors has grown. That breach served, in part, as a catalyst for new requirements and best practices. For example, in 2015 the Federal Financial Institutions Examination Council (FFIEC) updated its Business Continuity Planning booklet, one of the series of booklets that make up the larger Information Technology (IT) Examination Handbook, to add Appendix J: Strengthening the Resilience of Outsourced Technology Services. The new guidance stated that continuity planning isn't limited to your own organization, but extends to all outsourced and supplier relationships as well.

Topics: Vendor Management

Windows SMB Zero Day Exploit Threat Advisory

US-CERT released a warning on Thursday, February 2, 2017 about a Microsoft Windows vulnerability caused by a memory corruption bug in the handling of SMB traffic. The bug is triggered when a vulnerable Windows system connects to a malicious SMB server, so a remote, unauthenticated attacker who can lure a system into making that connection (for example, by getting it to open a link to a share on the attacker's server) can cause a denial of service (crash or reboot). At the time of the warning no patch was available; US-CERT's recommended workaround was to block outbound SMB connections (TCP ports 139 and 445, UDP ports 137 and 138) from the local network to the WAN.
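The workaround US-CERT published for this issue is a perimeter control, but the same block can be applied at the Windows host firewall for systems that leave the network. The PowerShell below is an added example, not code from the Sage Advice post or from US-CERT; it assumes Windows 8.1 / Server 2012 R2 or later (where the NetSecurity module is available) and an elevated session, and the function name, parameter names and rule names are this example's own choices.

```powershell
# Added example (not from the Sage Advice post or from US-CERT): block outbound
# SMB (TCP 139/445, UDP 137/138) at the Windows host firewall, the host-level
# equivalent of the perimeter block US-CERT recommended for this advisory.
# Assumes Windows 8.1 / Server 2012 R2 or later and an elevated session.
# Function, parameter and rule names are this example's own choices.
#Requires -RunAsAdministrator
#Requires -Modules NetSecurity

function Block-OutboundSmb {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Public only by default: a lure to a hostile SMB server is most likely
        # on an untrusted network, and Domain/Private file shares keep working.
        # Pass 'Any' to block everywhere; that breaks access to every share
        # not hosted on this machine, so test before rolling it out.
        [ValidateSet('Any', 'Domain', 'Private', 'Public')]
        [string[]]$FirewallProfile = @('Public'),

        # Narrow this (e.g. specific ranges) if only some destinations matter.
        [string[]]$RemoteAddress = @('Any')
    )

    $specs = @(
        @{ Name = 'Block Outbound SMB (TCP 139,445)'; Protocol = 'TCP'; Ports = @(139, 445) },
        @{ Name = 'Block Outbound SMB (UDP 137,138)'; Protocol = 'UDP'; Ports = @(137, 138) }
    )

    foreach ($s in $specs) {
        # Idempotent: re-running the script must not create duplicate rules.
        if (Get-NetFirewallRule -DisplayName $s.Name -ErrorAction SilentlyContinue) {
            Write-Verbose "Rule already present: $($s.Name)"
            continue
        }
        if ($PSCmdlet.ShouldProcess($s.Name, 'Create outbound block rule')) {
            New-NetFirewallRule -DisplayName $s.Name `
                -Direction Outbound `
                -Protocol $s.Protocol `
                -RemotePort $s.Ports `
                -RemoteAddress $RemoteAddress `
                -Profile $FirewallProfile `
                -Action Block | Out-Null
        }
    }

    # Return what is now in place so the caller can verify ports, action and
    # profile rather than trusting that the cmdlets did what was intended.
    Get-NetFirewallRule -DisplayName 'Block Outbound SMB*' | ForEach-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        [pscustomobject]@{
            Name       = $_.DisplayName
            Enabled    = $_.Enabled
            Action     = $_.Action
            Protocol   = $pf.Protocol
            RemotePort = ($pf.RemotePort -join ',')
            Profile    = $_.Profile
        }
    }
}

# Preview the changes first, then apply them and print the resulting rules.
Block-OutboundSmb -WhatIf
Block-OutboundSmb | Format-Table -AutoSize
```

Windows Firewall evaluates block rules ahead of allow rules, so an existing allow rule for file sharing does not override these; the practical consequence is that with `-FirewallProfile Any` the host can no longer reach any remote share, which is why the default scope here is Public only. Whatever scope is chosen, the returned table is the check worth keeping in a change record: two enabled Block rules, one per protocol, with the expected ports.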

Topics: Threat Advisories

Conducting a Cyber-Crime Exercise in a Smaller Enterprise

When we talk about designing a great cyber-crime exercise, we always say that you need eight things to make it work. That sounds like good advice for a larger company, but what if you are in a smaller organization, say one with fewer than 300 employees? Can you still do this type of exercise? The answer is a resounding "yes!" A well-designed cyber exercise CAN be conducted in a smaller organization; it just takes a little readjusting of the eight basic things to make it all work.

Topics: CyberCrime Symposium, Cybersecurity Tips

What You Don’t Know: Cyber Defense Against Unknown Threats

Even with all the traditional cybersecurity defenses, breaches still occur. "So, why haven't these traditional security products adequately protected you?" asked Jack Walsh, New Initiatives and Mobility Programs Manager at ICSA Labs, during his talk at the 2016 CyberCrime Symposium. According to Walsh, it's due, in part, to the fact that while they do an okay job against known threats, they "don't do a good job at all against unknown and new threats."

Topics: Cybersecurity, CyberCrime Symposium

Cyber Insurance: Are You Covered?

Back in the late ‘90s, the insurance industry came out with an early cyber insurance product. As it was a product for Y2K losses, “it was a dud, and when it died, everybody thought that cyber insurance would never take off,” said Peter Foster, in the opening remarks of his session at the 2016 CyberCrime Symposium on cyber insurance realities. "Today," said Foster, who helps large companies manage risk in his role as EVP and FINEX Cyber Leader for Willis Towers Watson, "US companies are paying a total of $3 billion in cyber insurance premiums and insurance companies are covering losses caused by breaches."

Topics: Security Policy, CyberCrime Symposium