There are always interesting and insightful presentations at the RSA security conference, and this year was no exception. However, there was one session that really captured our attention: “Cybersecurity and Data Breaches from a Business Lawyer’s Perspective.” This was presented by Kathy Winger, a practicing business attorney who provides guidance on data privacy laws and…
In previous articles we’ve talked about the need and challenges associated with securing DevOps environments. It’s a complex topic. At the root of the matter is the fact that it has to do with the overlap of the three main functions in any organization: Application developers (Dev) who must quickly develop and iterate applications designed…
In the story of the Emperor’s New Clothes, the emperor parades before his subjects in his new “clothes,” yet no one dares to say that they do not see any suit of clothes on him for fear that they will seem “unwise.” There’s a parallel in the security world today. Threat hunting for the purposes…
In prior blogs, we discussed the rise of data privacy regulations across all industries and how it has been challenging for organizations to stay on top of the varying and conflicting requirements. In this blog, we take a look at New York’s law – 23 NYCRR 500 – that has a high impact on the…
The Breaches Just Keep Coming (and So Do the Ramifications) Recent high-profile data breaches prove that the problem is getting worse, not better. If traditional security tools and approaches aren’t working, what can companies do to protect themselves from the next data security breach? The Breaches Just Keep Coming (and So Do the Data Breach…
Not All Intrusion Alerts and IT Incidents are Created Equal With all the intrusion alerts received in a day, it is important for companies to define from their perspective – What exactly is a security incident? And more important, what can organizations do to improve their incident response approach? This article takes a look and…
Meeting Compliance Requirements of Data Privacy Regulations Is Becoming a Growing Concern for the Legal Community (In A Good Way) CSPi has been hosting and attending so many great cyber-security events recently. For example, we recently partnered with Cisco to lead three successful security seminars, exhibited at SecureWorld Boston, and co-hosted a great security happy…
When it comes to data breaches, we seem to have settled into a pattern where each year passes the previous year’s record for total number of breaches. This year-over-year growth is great when it comes to stock performance or portfolio growth, but it’s extremely challenging in the world of corporate security. Unfortunately, this trend shows…
In our most recent blog post, we touched upon the difficulties of building security features into applications during the development process as well as how it can be delayed or even overlooked. But as we also mentioned, it doesn’t change the fact that application security and protecting the data used by those applications is critical…
If you are a James Bond fan, you will likely remember that Spectre was an archenemy of 007, and in true Bond fashion, 007 successfully saved the world from the world-ending plot Spectre had planned. Therefore, it is quite fitting that Spectre and Meltdown are named for what are likely the worst and most pervasive…