Tags » Information Security

Low Profile Office 365 Breach Reported

A couple years ago I wrote:

“I am told by many in my industry (and some vendors) that ‘if we put it in the cloud it will work better, cheaper, be safer, and always be available.’ Under most general financial services use cases (as opposed to niche functionality) that statement seems without foundation.” 690 more words

Risk Management

Workforce Mobility = More Shoulder Surfing Risk

An individual recently alerted me to an instance of sensitive information being displayed on an application screen in the context of limited or non-existent business value. 1,128 more words

Information Security

This is a SCAM to get your money and your info! DON'T FALL FOR IT!!!

Look out for the latest SCAM to pop up on my computer! DO NOT OPEN! Shut down! Reboot, or CTRL + ALT + DEL to open you “Task Manager” window and END the program. 26 more words

Information Security

Insecure software is the root cause...

If you are involved in creating, maintaining, operating or acquiring risk-appropriate software, this short blog about the recent wannacry ransomware exercise is worth reading.


Risk Management

New Technology and Service Options Do Not Trump Law and Regulations

A couple weeks ago I received a letter from Wells Fargo. After mentioning some brokerage account details there were a couple paragraphs of disclosure about $2.5 M in penalties for failing to effectively protect business-related electronic records.   719 more words

Information Security

​The Treacherous 12 - Cloud Computing Top Threats in 2016

The Cloud Security Alliance published “The Treacherous 12 – Cloud Computing Top Threats in 2016” last year.  I just saw it cited in a security conference presentation and realized that I had not shared this reference.   311 more words

Risk Management