For the legal industry, the cybersecurity goals of protecting proprietary information, data, and systems go hand in hand with client confidentiality. Yet, one in four legal firms experiences a data breach, and many firms still do not understand law firm security requirements or cybersecurity policy requirements.

Overview of NIST 800-171 Revision 1
The National Institute of Standards and Technology (NIST) published its first draft of Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, back in December of 2016. It’s undergone several revisions since then, with the final version of NIST 800-171 Revision 1 published in 2018 (and Rev 2 in 2020).

Advanced Cybersecurity Guide to FAIR Assessment Methodology
The FAIR risk assessment methodology aims to find cybersecurity vulnerabilities within a system. Factor Analysis of Information Risk (FAIR) is a framework that provides defense against online threats by using mathematical concepts of precision and accuracy.

How Fintechs Should Evaluate Potential Cybersecurity Partners
Holmes and Watson, Calvin and Hobbes, Solo and Chewbacca, Fintech and Cybersecurity: what do these have in common? Each is an iconic, long-lasting partnership that is meant to be. Well-implemented cybersecurity for financial services shows that cybersecurity partnerships are a must for maintaining consistently high levels of security.

Vulnerability Management for Internet of Things (IoT) Security
Smartphones, smartwatches, smart fridges, smart TVs, but what about smart security? Organizations realize that IoT (Internet of Things) security is rapidly becoming the new frontier for their security ecosystem.

Top Six Incident Response Tabletop Scenarios
An incident response tabletop scenario is an exercise where security teams discuss, in a classroom-type setting, their roles in response to an emergency. This discussion is usually conducted by a trained facilitator who guides the team through multiple scenarios and determines their readiness or potential gaps in their response process.

Constructing a Cyber Risk Assessment Questionnaire for Your Business
Constructing and effectively using a cyber risk assessment questionnaire is one of the cornerstones of a security leader’s job to successfully evaluate risk. A risk assessment is a thorough look at everything that can impact the security of your organization. When done correctly, it can shed light on any potential risks and their respective priority.

What are the Stages of the Vulnerability Management Lifecycle?
The Vulnerability Management Lifecycle is a cybersecurity practice that helps fortify an organization’s readiness to anticipate and handle attacks.

What Types of Cybersecurity Partners Should Law Firms Consider?
Law firms are attractive targets for cyber criminals. While the information they harbor isn’t as closely protected as that of the healthcare industry, it can be just as sensitive, if not more so. A data breach could lead to financial damage, whether fraud, theft, or ransom. Thus, it’s imperative to develop a cybersecurity plan for your practice. The various cybersecurity requirements for law firms impact not only the attorneys on staff, but also the many clients you have a duty to protect.

Top 5 Industries That Need The CIS Security Control Framework
The introduction of new technologies has many industries on the back foot when it comes to cybersecurity. The CIS critical security controls framework addresses the issues that industries face when it comes to best practice cybersecurity.
