As much of the world shifts gears into "self-quarantine" mode to slow the spread of the Coronavirus, more and more people are looking at how they can work remotely. Approximately 3-4% of the workforce already works virtually, for the rest this will come as a new experience.Read More
Security, Cybersecurity, Security Consulting, Information Security, Digital Business transformation, RSP
You have to transform. Competition is fierce. Business is changing. Customers expectations are increasing. Technology is advancing and making things we only dreamed about 5 years ago a reality.
Can you truly embrace digital transformation while maintaining the security posture of your organization? You can.
But you have to start with the right ingredients.Read More
So, let me tell you a story. This is a true story. A personal story about a request I got from someone who is near and dear to me.
These kinds of requests are becoming more and more common and so I wanted to share what happened so that you can recognize it when somebody comes knocking on your door (or email) with a similar ask. Who would suspect that a gift card could be the tool of a phishing attack? You should.
By now, most of the world has heard about the alarm pertaining to a zombie alert in Lake Worth, Florida. Do we think that zombies were getting their day in the sun, or could it possibly be that whomever was responsible for writing the power alert application (or for testing it) was in some sort of zombie state at the time?Read More
Neighbors, babysitters, handymen, even family members; your backyard, upstairs deck, even your own front door…
Statistics show the vast majority of burglaries and theft, especially identity theft, are perpetrated by a household acquaintance or family member. The US Department of Justice says that “Offenders were known to their victims in 65% of violent burglaries; offenders were strangers in 28%.” Similarly, any Google search yields countless articles listing front doors, backyards, and ground floor windows as the most common points of entry for burglars.Read More
In Part One of my blog series aimed at breaking down each section of Online’s security policy, we looked at some general best practices surrounding the development of a security policy. This included answering the question of “why develop a security policy?” and went into detail about developing the scope of content contained within. Part Two analyzed the organizational roles and responsibilities needed to implement an effective security policy. Now let’s take a look at how Electronic Communication plays into an effective policy.Read More
In Part One of my blog series aimed at breaking down each section of Online’s security policy, we looked at some general best practices surrounding the development of a security policy. This included answering the question of “why develop a security policy?” and went into detail about developing the scope of content contained within. Now let’s take a look at the roles needed to implement an effective policy.
The intercom at the airport speaks the truth as it periodically repeats the mantra “Security is Everyone’s Responsibility”. If security is everyone’s responsibility then even the best written security policy is nearly worthless if it doesn’t include a section pertaining to roles and responsibilities.Read More
Earlier this week a new spambot emerged, targeting no less than 711 million email addresses. Basically, the spambot delivers malware called Ursnif into the victim's inbox and is capable of stealing personal information such as login details, passwords, and credit card data.
The name of this spambot, “onliner”, is a touch disappointing, a bit ironic, and of course has no relation to us whatsoever. At Online, our team (our employees) are known as Onliners.Read More
The PCI Security Standards Council sent out a communication to all Qualified Security Assessors (QSAs) this past week saying they are raising the number of industry certification requirements for QSAs from one certification to two (effective 2019). While I have been in strong favor of almost everything that the council has done to evolve the PCI standard and program, I have concerns with this change for QSAs and what they will mean to our clients.Read More
Online infuses the right amount of security into everything we do – I like to refer to this approach as our “special sauce.” Security is not just important to our Risk, Security, and Privacy (RSP) practice (which lives, breathes, eats, and sleeps security), it’s important to our entire company. We have built security in to our development processes, our service management practice, our customer/digital experience offerings, our internet of things (IOT) offerings, and our cloud-based (AAS) service offerings.Read More