Blog

Blog2017-06-22T20:19:36-04:00

Don’t be like Chicken Little, but don’t ignore Cassandra either

Cassandra, a priestess of Apollo in Greek mythology cursed to utter true prophecies, but never to be believed   On my first day of the Marine Intelligence School, my instructors warned the class not to fall into one of the following two categories: 1) Apathy. When reading classified intelligence reports, it's easy to feel overwhelmed and discouraged by bad news. “The world is so messed up, there’s nothing we can do about it.” 2) Panic. It’s easy to become ‘Chicken Little’ ("The sky is falling") when exposed to the chaos in the world. Given the latter, I try not to [...]

By |May 18th, 2020|

Stop the music! Law firm hack foreshadows celebrity doxing

Once again, a major New York law firm was hit by a ransomware attack, exposing their client’s personal and private information - several of whom are prominent musicians. The specific ransomware, commonly referred to as REvil or Sodinokibi, has done significant damage since being introduced in 2019. Viewed in isolation, this event - this specific attack and its effect on these unlucky celebrities - seems almost run of the mill. After all, the event involving Panamanian law firm Mossack Fonseca & Co, more commonly known as the “Panama Papers” caused turmoil in the release of 11.5 million leaked encrypted confidential [...]

By |May 15th, 2020|

Financial repercussions for Marriott in wake of data breach

Day by day, we gloss over the latest breach news without connecting the event with our own company. Data breach cases are daily events in the media, so even a well-read businessperson can be lulled into 'data breach fatigue.' While the reputational damage of a data breach incident is easy to see and feel, financial liability is harder to quantify from a distance. Cautionary tales abound, and here's a prime example. In November 2018, Marriott announced that it had been the target of a massive data breach. Hackers gained access to Marriott and Starwood’s guest information database. Over the prior [...]

By |April 28th, 2020|

Surviving the Economic Typhoon

How large companies can do their part for small businesses In stormy seas, it’s better to be on a capital ship than a smaller one. For those familiar with Naval History, Typhoon Cobra, did significant damage to the US Fleet in December 1944. The smaller escort destroyers, without sufficient fuel reserves to use as ballast or for maneuvering, were hardest hit. Three capsized with the loss of 790 crew. Today, we face a similar crisis. As the economy comes to a halt due to the coronavirus (COVID-19) many small businesses are going to suffer the worst. Small business is the [...]

By |March 22nd, 2020|

Why Layer 8 Security Became HITRUST Assessors

  For years we were asked if we could provide a 'seal of approval' or a 'certified by…' graphic for our clients. We always ensured that our clients were adhering to their necessary standards, but a seal of approval, or a certification, or a one-size-fits-all framework just wasn’t available. The approach used in the HITRUST CSF (Common Security Framework) greatly reduces the level of effort required for organizations’ assessment and reporting processes, and thus saves substantial time and money. This is why we became an authorized HITRUST External Assessor. To help organizations reach what we see as the gold standard [...]

By |March 13th, 2020|

Cyber Considerations For Your COVID-19 Planning

Cyber Considerations For Your COVID-19 Planning Managing Remote Workers, Thinking of Business Continuity, Disaster Recovery, and More For the first time in a long time companies need to manage the extremely disruptive effects of a novel virus. In response, businesses are changing the way they operate to limit the risks to employees and customers. To further complicate matters, businesses are also having to respond in a way that adheres to the cybersecurity practices that have become marketplace standard. This is also a first. It’s fair to say that companies who do a better job integrating these practices into their virus-adjusted [...]

By |March 12th, 2020|

Leadership Musings by JPL #3

One of the most rewarding things we as leaders get to do is see our teammates succeed and receive promotions. Regardless of occupation (military or otherwise) seeing our colleagues grow in their careers is very fulfilling. I was honored on Sunday to attend the promotion ceremony of Major Samuel (Sam) Nop, Pennsylvania Air National Guard. Sam used to work for me at Marine Air Group 49 as a Corporal of Marines. At one point, Sam came to me and let me know he wanted to join the Air Guard. To paraphrase him from his promotion speech, “It felt like I [...]

By |March 11th, 2020|

The Answer to Your Data Risk Management and Compliance Dilemma

Written by Mariano Mattei and Sanya Dayo -- Is your company undergoing a digital transformation? Look around your industry. Most likely your competitors are in a mad dash to gather and use data more effectively, to enter new markets and/or to surpass their competition. This ever-growing body of data offers organizations great power, and with great power comes great responsibility. In response, both the government and your third party partners are rightfully mandating that companies protect data, and ultimately, protect consumers. [ Read: Data Privacy Law Makes Landfall in California ] What is your level of responsibility? For a quick [...]

By |February 24th, 2020|

The Trend from 2019 You Didn’t Expect

Biggest trend in 2019 - Executives let their IT departments determine the risk level of the entire company. What actually happened in 2019? Increase in Ransomware Increase in Business Email Compromise Increase in compliance driven by clients Increase in compliance driven by EU and (incoming… California) What should you be doing in 2020? Avoiding phishing and social engineering attempts Using a password manager AND not repeating your passwords Use multi-factor and advanced biometrics when available Shocked by any of this? Maybe not because it’s all been said before. Probably because these were the trends in 2017, and in 2018 too. [...]