Receive articles and resources from the information risk management experts at FoxPointe.
This article was written by Emily Mosack In today s digital landscape where cybersecurity threats are constantly evolving organizations face the challenge of staying ahead of malicious actors while managing limited resources and expertise One solution gaining momentum is outsourcing cybersecurity functions to specialized external providers What is outsourcing The...
In today 8217 s rapidly evolving digital landscape the protection of sensitive information and the preservation of digital assets have become paramount as has a full and accurate understanding of the controls in place nbsp As organizations navigate the intricate realm of cybersecurity the role of a Chief Information Security...
Today s organizations face numerous cybersecurity challenges and one of the most insidious threats is social engineering nbsp Cybersecurity is often associated with technical vulnerabilities and sophisticated defenses however social engineering leverages human reactions and psychology to gather information and perform attacks nbsp This article aims to shed light on...
This article was written by Brandon Agostinelli The Cybersecurity and Infrastructure Security Agency CISA defines Multi factor authentication MFA as a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user s identity for...
February 24 2022 Russia began its large scale military invasion of Ukraine one of its neighboring countries Many international organizations like Apple and Volkswagen have taken a stance by applying sanctions against Russia in hopes of encouraging Russia s President Vladimir Putin to stop its invasion without starting a world...
By Christopher Salone CISA CCSFP MBA This past year proved to be a year of rapid development for the cybersecurity and IT landscape As new threats emerged others continued to develop and evolve Throughout the year the FFIEC in an effort to help its institutions combat these threats issued new...
Overview Typically the two primary goals of a company s Payment Card Industry PCI governance program are to meet the intent of applicable controls and reduce the scope of PCI Data Security Standards DSS requirements enforced on the company s environment However many companies do not meet the guidance requirements...
Our workplaces have become more mobile than ever before largely due to advancements in technology being used by businesses for communication and collaboration The circumstances related to the COVID 19 pandemic have expedited this movement by forcing most businesses and organizations out of their offices and into remote work sites...
What is a SOC 1 Report A SOC 1 report also known as the Statement on Standards for Attestation Engagements SSAE 18 focuses on a service organization s controls that are likely to be relevant to an audit of a user entity s customer s financial statements SOC 1 reports...
Since the regulation came into effect in March 2019 the New York State Department of Financial Services DFS continues to strengthen the way that it enforces the Cybersecurity Regulation 23 NYCRR Part 500 With 23 distinct sections of the regulation DFS requires a comprehensive cybersecurity program for Covered Entities including...