In this post, we will discuss the top ten reasons many Data Loss Prevention (DLP) Programs fail and how organizations can address those issues to ensure Data Loss Prevention Systems can be leveraged to build a solid foundation for an Information Security program. Doing so will position an organization to build more advanced information protection capabilities like Data Protection in the cloud, and rights management and encryption strategies to protect…
How Secure is Your Drone – An InteliSecure Skunk Works Post
The following blog post comes from InteliSecure’s research team. Skunk Works blog posts are more technical in nature, investigating security issues from an engineering standpoint. They range anywhere from providing information on faulty coding and fixes to testing consumer products. Drones have become ubiquitous over the past few years. Many organizations are now using them to help with things such as search and rescue, geographic mapping, storm tracking and more.…
Insourcing vs. Outsourcing Security Resources
I was recently having coffee with a person that could best be described as a mentor, consultant and investor in me. During breakfast, he asked me a simple question that has been burning in my brain ever since. He said “You spend a lot of time educating people on how to build effective programs, but have you ever considered explaining to them why they may want you to run those…
Lessons Learned from the WannaCry Ransomware Outbreak
Introduction On Friday May 12, 2017 news broke of a widespread ransomware outbreak known as “WannaCry” or several similar variations of similar names. Much has been written about the outbreak itself related to the apparent origins being rooted in the confluence of vulnerabilities stockpiled by the United States’ National Security Administration (NSA), which were stolen and linked by the “Shadow Brokers” organization, and hacking tools developed by the Central Intelligence…
Chinese Data Privacy Regulations
Disclaimer: Neither InteliSecure nor the author of this post is purporting to offer legal advice in this blog. The author is not an attorney nor is InteliSecure a law firm, nor is either party making a representation on behalf of a law firm. Nothing in this blog should be construed as legal advice and should not be relied on as such. Introduction to Chinese Data Privacy The European Union’s General…
Understanding GDPR
Disclaimer: Neither InteliSecure nor the author of this post is purporting to offer legal advice in this blog. The author is not an attorney nor is InteliSecure a law firm, nor is either party making a representation on behalf of a law firm. Nothing in this blog should be construed as legal advice and should not be relied on as such. There are still many questions organizations around the world…
The Differences Between Audits, Security Assessments and Penetration Tests
We live and work in a world where malicious activity and cyber crime run rampant. While online fraud and data theft have existed since the origin of the internet, never before has it seemed to be as pervasive as it is today. Every day there seems to be a new headline about ‘XYZ Company’ coming under attack or having a massive data breach occur. On top of that, in the…
From the Office of the CTO: Building Effective Insider Threat Programs
Three Short Stories To begin this latest post and in order to properly frame the Insider Threat conversation, rather than use obscure statistics in an effort to convince you that you should be suspicious of all your employees and coworkers, I think it is much more effective to tell you a few stories. None of these stories come from my clients and none of this information is privileged. You can…
The Importance of Data Security and Insider Threat Programs in Mergers and Acquisitions
Mergers and acquisitions have become an important part of many organizations’ growth strategy. In most large transactions, countless hours are spent on due diligence, whether that due diligence is related to the financial health of the company, compliance with applicable regulations, or a variety of risk factors. Refreshingly, cybersecurity has emerged as a risk factor that is getting significant attention as part of the due diligence process. However, there is…
Research and Development into Commercial and Domestic Alarm Systems
As part of my Radio Frequency research, I wanted to not only look at vehicles but also household name burglar alarm systems. To that end I decided to look at three main manufacturer types that seemed to take a large portion of the market share. My findings concerned me, especially how some of them were trivial to bypass and disarm. One of the alarms did come out on top, however,…