Let's Talk
Welcome to the EiQ Networks Blog

How Are You Implementing SANS/CIS Controls to Mitigate Risk of Data Breach?

Posted by Security Steve on Mar 2, 2016

 

Many regulations state that companies must take reasonable measures to protect sensitive data, for example, personal information such as Social Security numbers, medical information, and payment card data. But even with that mandate, information is still being stolen through data breaches. Last year in the state of California, 178 reported breaches put over 24 million records at risk, affecting nearly 60% of Californians.

 

How to Prevent Internal Security Hacks With Simple Internal Cybersecurity Controls

Posted by Shawn O'Brien on Jan 29, 2016

 

Led by the Center for Internet Security (CIS), an international community of experts regularly publishes a list of recommended security controls (CIS Critical Security Controls) that outline specific actions organizations can take to improve their cyber defenses. Implementing the controls protects organizations from internal and external cyber threats.

 

According to a 2013 Clearswift survey, 58% of all security incidents can be attributed to insiders. Below is a look at how two of the controls guard effectively against the paradigmatic internal threat: the insider who has turned against his or her own organization.

Are You Prepared for the FFIEC Examinations?

Posted by Trevan Marden on Oct 5, 2015

We’ve been having a lot of conversations recently with banks and financial organizations about not only meeting GLBA and PCI-DSS requirements, but also making sure they are prepared for the FFIEC examinations. On the heels of the release of the FFIEC Cybersecurity Assessment Tool this summer, financial organizations are recognizing shortcomings and gaps with their current security processes and systems and looking for ways to correct the issues within constraints of limited budgets, time, and other resources.

The Link Between Security Controls and Compliance

Posted by Kevin Landt on Jun 30, 2015

Compliance management has historically focused on reactive security monitoring (SIEM and Log Management) to meet regulatory mandates. SIEM and Log Management do not proactively identify weaknesses in your network defenses; they only notify you after an event has occurred. As a result, companies continue to experience an increasing number of breaches even though they are in compliance with regulations at the time of a breach.

 

2 Simple Ways IT Asset Management Can Boost Security

Posted by Security Steve on Jun 9, 2015

Implementing IT Asset Management can help your organization reduce its exposure to cyber risk. Hackers are always looking for the easiest way to infiltrate your network and IT Asset Management can help close the holes that let hackers in. While every network faces unknown risks, IT Asset Management can help you mitigate known risks.

IT Asset Management can provide detailed information on the lifecycle of your devices, including what devices are known and authorized on your network and what software those devices are running.

Here are two ways IT asset tracking can help you improve your security:

4 Proactive Security Steps Anyone Can Take to Secure Their Network

Posted by Security Steve on Jun 2, 2015

Most security monitoring practices focus primarily on reactive security, alerting security teams when a possible attack has been detecting on their network so that they can react to it and try to stop the intruders before any damage is done. The problem with this method is that the longer it takes to detect an attack, the more it will cost to fix it. The longer the attacker is inside your network, the more of a chance it has to find sensitive information.

JP Morgan Breach Discovered Thanks to Log Data

Posted by Vijay Basani on Nov 19, 2014


JP Morgan Chase, a major American financial institution, disclosed a cyber breach back in September. The breach affected 76 million households and 7 million small businesses. The hackers used some of the same offshore servers to hack both the bank and the website of the JP Morgan Corporate Challenge. The IT team at JP Morgan was able to uncover the hack by chance, after studying the Corporate Challenge website breach.

Cybersecurity Breaches for Financial Institutions – the Pain Continues….

Posted by Security Steve on Nov 3, 2014

“Theft of information assets, disruption of services and wrongful disclosure are believed to be the most serious cyber security threats to an organization’s information assets. The most serious consequences from a cyber attack or intrusion are the loss of intellectual property, productivity decline and lost revenue." - Ponemon Institute, 2013(1)

Strategies for DDoS Attack Prevention and Mitigation

Posted by Trevan Marden on Aug 4, 2014

 

With attacks reported against many banks and major corporations, DDoS (Distributed Denial-of Service) attacks seem to be a hot topic these days.  This begs the question of what can be done to protect organizations from the damaging impacts caused by sustained service outages on critical resources -- and, increasingly, to protect the organization from the data theft and other secondary motives of DDoS attacks used as smokescreens to draw critical security resources away from true targets. 

Outsourcing Your SOC

Posted by Security Steve on Jul 28, 2014


It should be common knowledge that the security of your company data is one of the most critical functions of an Information Technology program. It’s also one of the most budget- and resource-intensive functions, as well. With all of the directions you can get pulled in every day, having to deal with the headache of your security posture shouldn’t be at the top of your list. That’s where outsourcing your information security comes in. Data security outsourcing, specifically security monitoring, can be a viable and intelligent option when it comes to keeping the data in your organization secure, and it allows you to keep security levels high without having to allocate precious resources to those functions. 

Subscribe to Email Updates

How Prepared Are You to Battle Cyber Attacks?

Find out with EiQ's free cyber security readiness assessment!

Find Out Now!

Posts by Topic

See All