FoxPointe Security Hub

In all of my years in information technology and information security, I was trained to reduce the risks of a computer virus. Never in my wildest imagination did I think I would have to deal with risks related to a different type of virus – a biological one. While it may not be apparent at a…

This past December, the Office of the Comptroller of Currency (OCC) released the fall edition of its Semiannual Risk Perspective, a report that addresses key issues facing Financial Institutions, focusing on those that pose threats to the safety and soundness of banks and their compliance with…

CrowdStrike, an industry-leading next generation anti-virus software as a service solution provider, recently published a report of its observations from its incident response investigations that it conducted during 2019. The report is the product of numerous investigations, pulling in data from a…

Investment risk management is ultimately about protecting and growing your assets over your time horizon. This involves addressing the aspects of your investment program that can be controlled and then minimizing your exposure to what cannot be controlled. Information Technology (IT) risk management…

The healthcare industry is one of the biggest targets of cybersecurity attacks, both domestically and internationally. With the amount of private data that these organizations have, including protected health information (PHI), healthcare organizations should learn from previous attacks and/or…

Two weeks ago, the United States launched an air strike targeted at the Iranian Military and subsequently led to the assassination of the Iranian military leader Qassem Soleimani. In a response from Esmail Ghaani, Soleimani’s replacement as the head of the Iranian Army, promised harsh revenge…

Last week, the Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) released a joint alert focused on notifying financial institutions that an increasing number of cyberattacks utilizing the…

HITRUST puts on regular webinars to help educate individuals on the components, tools, and programs offered by the organization. As a HITRUST CSF Assessor, we make it a point to attend these webinars to stay up-to-date on the latest information. The webinar I listened to on 12/11 covered…

On the heels of New York passing the Stop Hacks and Improve Electronic Data Security (SHIELD) Act in September 2019, the IRS issued a warning to tax preparers and accounting firms to ensure that they appropriately secure their customer data against the “evolving” and…

Recently, HITRUST established a new quality assurance (QA) subcommittee of its Board of Directors and introduced several new assurance advisories. These updates impact Certified Common Security Framework Practitioners (CCSFP), individuals who have completed and maintained training and certification…

In the not so distant past, the threat of a person or people stealing money or assets from your business was limited to a lack of physical security or a malicious employee. Businesses utilized safes, video surveillance systems, internal controls and audits to keep their...

Today marks the beginning of National Cybersecurity Awareness Month. From CEOs to college students, cybersecurity is on everyone’s radar; and cyberattacks aren’t going away anytime soon. For businesses, it’s not a matter of if a breach will occur but when – an incident is…

Don’t hesitate to develop and implement a cybersecurity response plan this school year. These days, it’s more likely than not that when you open your daily newspaper or scroll through your newsfeed, you’ll see coverage of a cyberattack impacting both businesses and consumers.…

In July, I had the opportunity to attend the International Conference on Cyber Security (ICCS), a meeting held every other year at Fordham University’s Lincoln Center campus. This gathering offers enterprise risk management, cybersecurity law enforcement and private sector professionals from…

Microsoft is currently urging Windows 10 users to update their systems to address severe vulnerabilities. Despite the warning, many Windows users will undoubtedly be infected by malware exploiting these weaknesses in the system. Here are four things all Windows users need to know about this…

As cyber threats evolve and grow, it’s not a matter of if a cyberattack will occur but when – or worse, has it already happened, and you just don’t know it? As a result of the ever-changing technology landscape and the increasing frequency of breaches, the New York State…

With the increasing number of security and data breaches being identified, cybersecurity has gained global and local attention.  Increased emphasis and scrutiny from regulators, including the Federal Financial Institutions Examination Council (FFIEC), will be bringing cybersecurity awareness to…

IBM and the Ponemon Institute recently released their annual Cost of a Data Breach report and found, not surprisingly, that the frequency and cost of data breaches are continuing to rise. The survey was performed over a 12-month period and included feedback from more than 470 companies worldwide.…

The importance of vendor management continues to rise across all industries, especially given the large growth in outsourcing functions to a third party. According to recent information security studies, third parties are the number one security risk to financial services and 60 percent of all…

A lot of buzz has been generated in the world of compliance, for good reason, regarding the recent implementation of the EU General Data Protection Regulation (GDPR).  The new regulation went into effect in May 2018 and was designed and intended to clear the haze around data privacy laws across…