Join FoxPointe Solutions for our 12th Annual Compliance Bootcamp. Coming to Albany, NYC, and Rochester. Register now to secure your spot.
Join FoxPointe Solutions for our 12th Annual Compliance Bootcamp. Coming to Albany, NYC, and Rochester. Register now to secure your spot.
Receive articles and resources from the information risk management experts at FoxPointe.
Without a doubt, supporting the continually cyber-attacked infrastructures of our healthcare providers is on the minds of every person in leadership roles at every health system. Anything that can help protect our valuable systems and data and support the missions of our health systems should be explored. Regarding this recent...
Cloud security encompasses the policies, technologies, and practices designed to protect cloud-based resources, including data, applications, and infrastructure, from a wide range of cyber threats. Cloud computing has become the technology of choice for organizations wanting scalability and flexibility to meet their business needs. However, migrating to sophisticated cloud environments...
It’s no surprise in this era of impressive technological advancement that fraudsters are cooking up more creative and elaborate schemes to grab funds. Accountants and investigators need up to date knowledge, skills, and tools more than ever to effectively combat fraud. In the past, sifting through stacks of looseleaf bank...
In today’s rapidly evolving digital landscape, the protection of sensitive information and the preservation of digital assets have become paramount, as has a full and accurate understanding of the controls in place. As organizations navigate the intricate realm of cybersecurity, the role of a Chief Information Security Officer (CISO) has...
Cybercrime events cost affected organizations trillions of dollars annually and the monetary damage caused by these incidents is increasing year over year. Many well-known organizations have acknowledged the unfortunate rise in cybersecurity incidents and the importance of appropriate insurance. The United States Federal Trade Commission, in conjunction with the National...
Today’s organizations face numerous cybersecurity challenges, and one of the most insidious threats is social engineering. Cybersecurity is often associated with technical vulnerabilities and sophisticated defenses; however, social engineering leverages human reactions and psychology to gather information and perform attacks. This article aims to shed light on the key principles...
How can an organization know if they are prepared to handle the many facets of a cybersecurity incident? We check the news all the time and see headlines of the latest data breach, or ransomware outbreak, but what if that happened to you? Would your team be able to identify...
Man-in-the-Middle Attack Phishing and malware attacks have become well known methods of cyber security attacks. But there is another, less common, but equally dangerous method of attacking: Man-in-the-Middle or Eavesdropping attacks. A Man-in-the-middle attack involves an individual observing or collecting your data that is being sent to a trusted source....
As another year passes, more cybersecurity laws and regulations for financial institutions are proposed and or updated. Let’s recap the last twelve months and look at some of the most impactful cyber regulatory updates that, whether coming soon or are now in effect, will need to be considered by your...
In 2018, one of the most well-known side-channel attacks was discovered. The Spectre and Meltdown attack was noteworthy because of how the exploitation affected almost every modern computer processor using software alone, making it difficult to detect. There was a specific technique called “speculative execution” that created a vulnerability in...
This article was written by Christopher Salone, CISA, CCSFP, MBA After years of presenting to Audit Committees, you develop effective ways of communicating not only the results of your IT Audits, but also the health and state of the Organization as a whole. Frequently, I find that at the end...
The FTC Safeguards Rule requires covered companies to develop, implement, and maintain an information security program with over 20 implemented, documented and risk assessed administrative, technical, and physical safeguards designed to protect customer information. Are your clients up on what the revised Rule requires? Are they ready to be compliant...
