Skip to main content
FoxPointe FoxPointe
  • Services
    • Cyber Risk, Assurance and Compliance
    • IT Audit
    • Penetration Testing
    • General Consulting
    • Virtual Chief Information Security Officer (vCISO)
  • About Us
    • Management Team
    • Credentials
    • Careers
  • Resources
    • Events
    • News
    • Videos
    • Whitepapers
  • Blog
  • Contact Us
FoxPointe
  • Services
    • Cyber Risk, Assurance and Compliance
    • IT Audit
    • Penetration Testing
    • General Consulting
    • Virtual Chief Information Security Officer (vCISO)
  • About Us
    • Management Team
    • Credentials
    • Careers
  • Resources
    • Events
    • News
    • Videos
    • Whitepapers
  • Blog

Enter Keywords

FoxPointe Security Hub

Subscribe to the blog

Receive articles and resources from the information risk management experts at FoxPointe.

Subscribe Now

Benefits of a SOC 2 + HITRUST CSF Report

June 10, 2021
This blog was written and produced by Courtney Nist, Senior Security Consultant CHQP, CCSFP, at FoxPointe Solutions. Looking to get in touch with Courtney? Reach out today: Courtney Nist cnist@foxpointesolutions.com. Based on the Verizon Data Breach Investigations Report of 2021, healthcare and…

Benefits of a SOC 1 Report

May 21, 2021
What is a SOC 1 Report A SOC 1 report, also known as the Statement on Standards for Attestation Engagements (SSAE) 18, focuses on a service organization’s controls that are likely to be relevant to an audit of a user entity’s (customer’s) financial statements. SOC 1 reports cover a…

New York State Department of Financial Services Cracking Down On Compliance With Cybersecurity Regulations

May 13, 2021
Since the regulation came into effect in March 2019, the New York State Department of Financial Services (DFS) continues to strengthen the way that it enforces the Cybersecurity Regulation 23 NYCRR Part 500. With 23 distinct sections of the regulation, DFS requires a comprehensive cybersecurity…

New Proposed Banking Breach Notification Regulation is Met with Criticism

April 22, 2021
As you were enjoying a cup of coffee the morning of December 18, 2020, you might have been arranging your Holiday plans or ordering a last-minute gift for a loved one. Or, perhaps, you’re part of the banking industry, and as part of your morning routine, you peruse various news outlets and…

Reducing Third-Party Risk: Ongoing Assessment and Monitoring

April 15, 2021
In this day and age, the risk of cybersecurity threats is becoming a concerning topic for organizations. Reducing the risk of data breach has become a top priority for many businesses. When it comes to minimizing risk, an often-overlooked area is third-party risk. Many organizations include an…

Over 500 Million Facebook User Records Leaked

April 5, 2021
On April 2, 2021, it was confirmed that a malicious user published the phone numbers and personal data of hundreds of millions of Facebook users for free online. The information, spanning from users across the globe, includes phone numbers, user IDs, full names, locations, birthdates, and some email…

Important SHIELD Act Information for Colleges and Universities

March 5, 2021
An updated cybersecurity law that the IT organization (along with other college/university departments) will need to continue to integrate into its compliance programs, policies, and controls is the recent changes to New York’s General Business Law 899-aa and 899-bb (aka SHIELD Act). The…

Measuring the Costs of Cyber Risk; Applying Lean Six Sigma Methodologies for a Customer's First Mindset

March 3, 2021
The year 2020 will be forever remembered for the impacts of how the global pandemic forced the adoption of innovative production, logistics, and workforce solutions. Many best practices emerged from the experiences of COVID-19, we continue to learn that these new methods can pay significant…

5 Steps to Take When You’re a Victim of Identity Theft

February 17, 2021
In our increasingly digital world, individual’s personal information resides on hundreds, if not thousands, of servers across the globe resulting in a huge rise in identity theft. Defined as “the crime of obtaining the personal or financial information of another person to use their…

The SolarWinds Hack – It’s Time to Change the Way We Think About Cybersecurity

February 4, 2021
With many still reeling from the aftermath of the SolarWinds hack, enough dust has settled that we’ve started to ask the important questions: How did this happen? What can we do to prevent this in the future? And will it happen again? The good news is that this cyber attack is incredibly…

Considering the Value of Leveraging a Virtual Chief Information Security Officer (vCISO)

January 7, 2021
This post originally appeared on Security Magazine. Ensuring the confidentiality, integrity, and availability of information must be at the forefront of any business in today’s environment. While many think they are up to this task, there’s a lot that goes into protecting data.…

Emergency Directive 21-01

December 15, 2020
The Department of Homeland Security has issued this emergency directive. “DHS DIRECTIVE 21-01 - Treat all hosts monitored by the SolarWinds Orion monitoring software as compromised by threat actors and assume that further persistence mechanisms have been deployed." Visit the DHS Website and…

Major Data Breach May Impact Over 200 Million Accounts: Protect Yourself Today

November 19, 2020
FoxPointe Solutions has been closely following the major data breach that was recently announced involving Cit0day, as well as the subsequent analyses to accurately identify the true risk levels that could be associated with it. Following the emergence of updated forensic reports, it has been…

HITRUST®: Changes Due to COVID-19

November 6, 2020
Like almost every organization doing business in 2020, HITRUST® has had to adopt some changes due to the COVID-19 Pandemic. As the year progressed and we were able to see the long-term impact that COVID-19 has caused, we began to see changes in guidelines and options for HITRUST-related…

Multiple United States Federal Agencies Identify “Imminent” Ransomware Threat to Hospitals and Healthcare Providers

October 30, 2020
Credible information regarding a well-known Russian cybercriminal organization plotting a mass ransomware attack across the United States healthcare industry led officials from the Federal Bureau of Investigation and the Department of Homeland Security to formally warn industry executives of the…

Cyber Threats Remain One of the Largest Threats to our Nation

October 26, 2020
From the nation’s shift to a remotely working culture to the upcoming elections we must maintain our awareness to the importance of Information Security. So far in 2020, there are many significant breaches that remind us of the importance of remaining information security aware and protective…

A Ransomware Guide Summarizing Cybersecurity & Infrastructure Security

October 19, 2020
In 2020, protecting an organization from cyber-attacks means that you need a plan to combat ransomware. Ransomware infections can be expensive, and costs can encompass more than just financial decisions. Paying a ransom to retrieve encrypted data is never an ideal situation and the cost to do so is…

Cybersecurity Awareness Month

October 1, 2020
Every October since 2004 marks National Cybersecurity Awareness Month. This month raises awareness about the importance of cybersecurity and how to protect yourself from cybercrime. Reduce Your Cyber Risk Below are the top 5 things you can do to safeguard yourself: Do not ignore operating system or…

Phishing Campaign Spoofs SBA Loan Offer

September 15, 2020
Phish - SpearPhish now VISH! DON’T GET HOOKED Now is the time to reassess your cybersecurity program and your Computer Security Incident Response Program (CSIRP). The alert below from the FBI and CISA details the VISH risk, but it is up to you to get protected! As always – please let us…

Lawsuits Continue for Albany-Based Accounting Firm That Suffered Data Breach in December 2019

August 13, 2020
As was originally reported by the technology website Ars Technica and by several Albany, NY-based business and news publications such as Times Union, an Albany-based accounting firm recently suffered a ransomware attack most likely from the ransomware ring known as Maze. Maze and other ransomware…
  •   
  •   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 3 / 5
  •   
  •   
  • Topics
  • Authors
  • Data Security (13)
  • Data Privacy (15)
  • Compliance (4)
  • Risk Management (8)
  • Cybersecurity Alert (7)
  • Cybersecurity (25)
  • Archive (34)
  • Charlie Wood | PCI QSA, CISA, CRISC, CISM
  • Carl Cadregari | CISA, CCSFP, CTPRP
  • Allison Hall | PCIP, CCSFP
  • Courtney Caryl | CCSFP, CHQP
Let us show you how we can help
Request Quote
FoxPointe

171 Sully's Trail
Pittsford, NY 14534

Call 844-726-8869
or Contact Us

Subscribe to the Blog

Services
Cyber Risk, Assurance and ComplianceIT AuditPenetration TestingGeneral ConsultingVirtual Chief Information Security Officer (vCISO)
Company
Management TeamAbout UsBlogCareersPrivacy Policy
©2023 FoxPointe
Website by Corporate Communications, Inc.
We use cookies and other technologies to optimize site functionally, analyze website traffic, and share information with our service and analytics partners. To view our Privacy Policy, which discusses cookies, click here. By continuing to use & browse our services, you agree to our Privacy Policy, our use of cookies, and the Terms and Conditions.