Category: Uncategorized

  • 7 Reasons Why I’m Excited About the RSA Archer 6.7 Release (and You Should Be Too)

    Posted on November 11, 2019 by John McDonald

    As an end user of RSA Archer, an enterprise governance risk and compliance (eGRC) Program Director for a Fortune 50 company, and now an eGRC Practice Manager for a boutique consulting firm, I have gained valuable experience and insight into what customers are looking for in the eGRC realm. Learn More
  • FDA Issues Medical Device Compliance Warning: What Steps Do You Need to Take?

    Posted on October 31, 2019 by Charles Worrell

    Medical devices that use third-party legacy software called IPnet, are at risk for remote attacks conducted by hackers. The Food and Drug Administration (FDA) issued a warning to patients, healthcare professionals, IT staff in healthcare facilities and manufacturers  on October 1, informing them of  the  vulnerabilities. 

    The IPnet software is still part of several operating systems and applications for medical and industrial systems that are used today. Learn More

  • Did you Know InfoSec Assurance is Required in Automotive Product Testing?

    Posted on September 18, 2019 by Devesh Panchwagh

    If you are an automotive supplier or service provider, you may have enough to worry about to stay on track with product delivery goals. There are OEM demands and aggressive plans to speed time to market. And now, Information Security assurance is required in the Testing phase for Automotive products. Learn More
  • Reduce the headache of managing compliance by taking a programmatic approach

    Posted on September 1, 2019 by John McDonald

    Can you remember the last time you supported an audit or assessment? You may still have occasional nightmares about the process. It may have been a regulatory audit for something like HIPAA, PCI, NERC/FERC, or DFS 23 NYCRR 500. If there were only some way to simplify the process and make it less painful (and costly). Well, there is a way. Learn More
  • Demystifying ICS Cyber Risk with FAIR Analysis

    Posted on August 20, 2019 by John McDonald

    When it comes to cybersecurity, organizations that use Industrial Control Systems (ICS) tend to be at a disadvantage. There are unique factors that affect managing risk for such systems. 

    In this blogpost, find out what makes managing risk a slippery slope for Industrial Control Systems.  See how using FAIR methodology to quantify risk can help you pinpoint your biggest cybersecurity vulnerabilities — and spend budget intelligently. Learn More

  • A day in the life of a Pen Tester: how our Test Team infiltrated a client’s network

    Posted on August 13, 2019 by Charles Worrell

    As a pen tester, I’m only as good as the tools at my disposal, the team by my side, and the handy skills in my back pocket. When it came time to conduct a Red Team Assessment, my team and I needed to combine all our special skill sets to test our client’s defenses.

    The first thing we needed to do was to understand the client’s Internet footprint. This understanding would provide valuable intelligence for the rest of the engagement. Learn More

Before you leave…
want to sign up for our newsletter?