Yesterday’s outage at Amazon is a timely reminder of our need to have a contingency plan. Once services are moved to the cloud, we must take into consideration the impact to the business caused by the unavailability of the cloud … Continue reading
Ted Lloyd

Who is responsible for IoT security? What about implied warranties? There are increasing concerns around the security of devices on the Internet of Things given the recent weaponization of many devices to launch DDOS attacks. The specific issues involved poor … Continue reading
Well-structured security policies are a necessity for business organizations regardless of size. Without effective policies, there is no governance and no effective security program. In order to be effective, policies need to be supported by effective controls which can be … Continue reading

This morning’s WSJ had an interesting article, “Corporate Judgment Call: When to Disclose You’ve Been Hacked.” The concern raised was that although hacks and data breaches are more common, few are reported to the SEC as required. … Continue reading

Cybersecurity skills are some of the most in-demand skills in the IT world of today. Hiring managers and recruiters alike lament the lack of skilled candidates leaving positions unfilled and salaries escalating for the limited pool of qualified candidates. I … Continue reading

Most organizations implement controls around privileged account access for IT staff and administrators which includes revoking access upon employee termination. But what about vendors or managed service providers? An interesting case came my way today from a team actually in … Continue reading

Twice this week the WSJ has published articles related to the FAA, and cybersecurity in the aviation industry. Although there are yet no documented cases of cyber terrorists bringing down an aircraft, one does have to wonder what the flying … Continue reading
We have all seen the saying “see something, say something” in airports and various public places advising the traveling public to report suspicious items and events. Likewise, as business leaders, we encourage our employees to report information security incidents so … Continue reading
Ok, so the title of this post may lack any reference to cyber security. However, there is an analogy to be made here if I may beg your indulgence for a moment. Most of us grew up hearing this term … Continue reading
It is nearly impossible to pick up the morning newspaper or go online and not be confronted by another story about the emerging saga of Hillary Clinton’s email scandal. While of course, much of the dialogue is politically based, there … Continue reading