Blog

  • What is the Red Flag Rule?

    Identity theft affects millions of people every year. It carries a high cost for both individuals and organizations, so regulations require many financial institutions and creditors to protect account holders against identity theft. The patterns and activities used to recognize identity theft are called red flags, so these regulations are known as “the Red Flags Rule.” (more…)

  • Webinar Recap: ROI with a HITRUST Certification – Measuring the Benefits

    RSI Security hosted a webinar on measuring the ROI and benefits of HITRUST certification. Tom Glaser, a Security Assessor with RSI Security, led the presentation. (more…)

  • Top 8 Cyber Security Problems a vCISO Can Help Solve

    Protecting network resources and data from unauthorized access, compromise, and destruction is an organization-wide priority in today’s highly connected world. The role of a Chief Information Security Officer (CISO) is to strategize and manage these efforts, overseeing the identification, analysis, and remediation of various cyber security problems. A virtual CISO (vCISO) fulfills the same role via outsourcing, solving security issues and optimizing cyberdefense ROI. (more…)

  • How to Leverage a Firewall Security Audit Report

    One of the most essential components of any cyberdefense program is a powerful firewall configuration. Two ways to ensure your firewalls and web filters are operating at maximum capacity involve the application of robust analytics via firewall penetration testing tools and firewall security audits. (more…)

  • How Baiting Social Engineering Scams Target Organizations

    Cybersecurity has never been more indispensable than it is today; the internet is shapeshifting every year, not over decades. Social engineering scams exploit both the vulnerabilities that arise from these changes and human psychology. They are responsible for a significant portion of online fraud—attack volume and financial losses. Baiting social engineering scams represent one of the most common attacks used by cybercriminals. (more…)

  • Information Security Program Development: Top Strategies and Solutions

    A comprehensive information security program utilizes multiple strategies, solutions, and layers to achieve a level of security that sufficiently protects against modern hackers, viruses, and other cybersecurity threats. Via comprehensive information security program development, IT leaders can establish a framework that defends their organization’s entire digital environment and the assets contained within. (more…)

  • What is a Pretexting Social Engineering Scam? And How Can You Prevent It?

    Your organization may have sound policies for information and technology use, but threat actors will always go for the weakest surface of the cybersecurity program: the workforce. According to Verizon’s 2021 Data Breach Investigations Report, 85 percent of all breaches involved the human element of cybersecurity. Therefore, pretexting social engineering remains a top concern for organizations. (more…)

  • Is Penetration Testing Compulsory for My Business? Pen Testing Requirements, Explained

    Penetration testing, also known as pen-testing, makes it easy to uncover exploitable vulnerabilities and other flaws in your network security. But with new threats emerging on a daily basis, some are left wondering: is penetration testing compulsory for my business? If so, what are the requirements for maintaining compliance? For some compliance frameworks, such as the PCI DSS, pen-testing is required. For others, it’s strongly advised. (more…)

  • Top 2 Kinds of Cloud Security Tools

    With advances in cloud computing, many organizations are looking to manage their computing resources via cloud-based solutions. While cloud computing offers greater computing flexibility, gaps in cloud security can leave organizations vulnerable to sophisticated cyberattacks. Your organization can benefit from cloud security tools to protect valuable cloud-based assets from security threats. Read on to learn more about the top cloud security defenses. (more…)

  • What is Identity Lifecycle Management?

    Identity lifecycle management (ILM) is one of the cornerstones of identity and access management (IAM). Keeping your organization’s data secure against all threats requires diligent, ongoing user account management and monitoring. (more…)