Towerwall's InfoSec Blog

Join Towerwall & SnoopWall for a timely webinar on: Breach Prevention & Near-Term ROI


identification, SOX, Webinar, auditing, vulnerability, Near-Term ROI, PCI, malware, Breach Prevention, HIPAA, Compliance & Privacy, Compliance, SnoopWall, Zero-day malware, patch management, Gary Miliefsky, cannabis, Enterprise

Michelle Drolet

Towerwall & SnoopWall Complimentary Webinar: Breach Prevention & Near-Term ROI. Tuesday, July 26, 11:00am – 12:00pm EST

Information Security Summit 2016 Review: Ransomware, Application Vulnerability, Hacking as an Industry Lead our Discussion

spear phishing, BYOD, Government Compliance Regulations, Information Security Summit 2016, malware, ransomware, Compliance & Privacy, GRC, Compliance, cannabis, Enterprise

Michelle Drolet

Thanks to all who attended and sponsored our 2016 Information Security Summit. It was a great turnout where we discussed a number of issues and threats facing infosec today. We were happy to see attendees share ideas and continue the discussion online with #summitbuzz16. Here are some of the topics discussed at this year's summit:

Save the Date: Information Security Summit 2016

Security Partners, network security, Fractional Chief Information Security Officer (CIS, Phishing, GDPR, Information Security, Application Security, Security, ransomware, Information Security Summit, HIPAA, Compliance & Privacy, penetration testing, Events, Compliance, Mobile Security, cannabis, cybersecurity, Enterprise

Michelle Drolet

Click here for more information & to register! Please save the date and plan to join us for this timely forum on what you need to know about the latest security issues, threats, and technologies that will help you protect your business!

10 Things I Know About...Hiring a vCISO

breach, Virtual CISO, Fractional Chief Information Security Officer (CIS, Compliance & Privacy, 10 Things I Know, Compliance, cannabis, vCISO, Enterprise, small and midsize businesses

Michelle Drolet

10. A hedge against a breach: A virtual chief information security officer can serve as security consul or as an interim CISO to fill the gaps during a planned information-technology security policy review. Better to be safe than sorry.

Applying more Critical Security Controls to your organization

Fractional Chief Information Security Officer (CIS, Application Security, Compliance & Privacy, vulnerability management, cannabis, Enterprise, Data Breach, Critical Security Controls (CSC)

Michelle Drolet

The last time we looked at how Critical Security Controls (CSC) can help you build your InfoSec framework, we covered getting a handle on your software and your hardware inventories. Today, we're going to discuss the importance of continually assessing and remediating vulnerabilities, keeping a tight control of administrative privileges, and monitoring your audit logs. These concepts are encapsulated in CSCs 4, 5, and 6. You should develop stringent policies, consider devoting resources to

The challenges of third-party risk management

Compliance & Privacy, Enterprise

Michelle Drolet

Vendors and other third parties should be treated with the same level of intense scrutiny as your own in-house risk compliance mandates. How seriously is your company treating the risk of a data breach? Have you done due diligence on all of your vendors and third-party partners? Cyberattacks can have a devastating impact in terms of reputation and customer trust. It takes time and resources to deal with the fallout. The true cost of a serious data breach is hard to calculate.

Michelle Drolet

By Sarah Kuranda. Sophos is launching a new technology Monday that synchronizes threat intelligence and automation across endpoint and network levels. Sophos Security Heartbeat, part of the Oxford, England-based company's new XG firewall series, links together the company's next-generation firewall and UTM solutions with its next-generation endpoint technologies. In doing that, the company said, it is able to improve security across a company's environment in real time, with improved context,

Why every business needs a WISP

Business Continuity, GDPR, HIPAA, Compliance & Privacy, Compliance, Enterprise

Michelle Drolet

Non-compliance is a risk, and the Attorney General's office carries a big stick for those who don't follow the rules. If you don't have a written information security program (WISP) in place for your business, then you could be risking data theft, legal action, and punitive fines. The law in many states now dictates that you must take steps to safeguard personal information. They vary in strictness, but there are nearly 50 different regulations you need to cater for if you're doing business

Using third-party vendors? Keep a close eye on them

Compliance & Privacy, Compliance

Michelle Drolet

Cybersecurity is only as strong as the weakest link. If your organization is using third-party vendors, policing their activity is critical to cybersecurity. Few can forget the theft of 110 million customer credit cards from Target in December 2013. But not as many know how hackers gained access to such a vast amount of sensitive information. How'd they do it? By compromising the security of a third-party vendor, a Target branch store's HVAC provider.

Don't be mad at ransomware attackers, be grateful

Compliance & Privacy, cannabis, Enterprise

Michelle Drolet

Falling victim to a ransomware attack is most definitely inconvenient, but it could also serve as a wake-up call to the importance of backing up important data. You're minding your own business, sitting at your office computer. Suddenly, a pop-up appears – with the logo of the FBI – warning that you're under investigation for trafficking in child pornography. Your computer locks up. The message also instructs you to pay a fine with a gift card or money order, or risk being arrested. In return