Invoice Fraud is Soaring – What you need to know

April 23, 2019 | By:

Organizations are losing thousands—and sometimes millions—of dollars from invoice fraud, which is also known as Business Email Compromise (BEC). At TrustedSec, we have seen a marked uptick in panicked, embarrassed, and/or angry folks reaching out to us for Incident Response and forensics work following a scam. Sometimes, organizations are able to recover some or all…


Top Six Security and Risk Management Questions

March 12, 2019 | By:

Recently, Gartner put out a report on the top 10 inquiries regarding security projects. The report is based on their analysis of over 10,200 client interactions covering relevant security and risk management topics from July 2018 through January 2019 (see the research here). Interestingly enough, Trustedsec has heard similar inquiries regarding product offerings in discussions…


Few cons to bringing in the pros: Why should you have a third-party risk and security assessment?

January 10, 2019 | By:

At TrustedSec, we get about 400-500 inquiries for security assessments every year.  Some of the questions we still hear quite often are: Why does our company need to do a risk and security assessment? Why can’t we just do it ourselves? We already know we’re terrible—why do we need you to tell us that? There…


Highlights from the NIST Cybersecurity Risk Management Conference

November 20, 2018 | By:

NIST hosted a CyberSecurity Risk Management Conference from November 8th through the 10th.  The event was expanded and improved from previous NIST workshops, which were more government focused. Thus for this conference, they wanted the same spirit of gaining stakeholder input on the frameworks and general cybersecurity areas, but with a much greater attendance and…


Webinar: vCISO vs CISO – Which is the right path for you?

September 28, 2018 | By:

Please note: this webinar was completed on on Wednesday, October 17th, 2018 AT 1:00 PM EDT Organizations are facing a dangerous combination of mounting cybersecurity threats and a widening gap in the skills required to identify and combat them. There is continuing pressure to keep our information secure and breach-free, and to create leadership roles…


Top 8 To-Dos for IoT Security

August 01, 2018 | By:

Let’s say you run an operational environment and you’ve spent years figuring out how to keep your production processes and core, life-enabling systems running at high efficiency and efficacy. But now, your IT group wants to connect your production and control systems to outside networks as part of new “IoT” (Internet of Things) initiatives. You…


How IoT and Digitization Are Driving Renewed Demand for Segmentation

July 11, 2018 | By:

Background The idea of Segmentation is pretty simple: put your crown jewels (i.e. your highest risk assets) in a small container, then heavily secure and monitor that. It is simply too difficult to secure everything equally. Why Now? With “digital” drivers to improve experiences, automate operations or change business models, there is now a need…


Webinar: IoT Security – Getting ahead of the digital impact to your business

July 09, 2018 | By:

– Recorded on July 25th, 2018 AT 1:00 PM EST – The End of the Beginning After 3+ years of hype, where are we now with Internet of Things security, and where are we going? There is continuing pressure to keep our business “things” secure and breach-free.  With crashes and attacks now being reported regularly…


Penetration Testing has gotten tougher – and why that increases your risk

June 04, 2018 | By:

There’s been a radical shift in the assessment industry over the last couple of years. We’ve all probably heard that Artificial Intelligence, Machine Learning, User and Entity Behavioral Analysis, Analytics, Detection and Response tools, etc., are advancing and improving defensive postures.  According to Gartner, annual spending on defensive security technology will exceed $82 Billion dollars…


Bridging the Cybersecurity Culture Clash

October 10, 2017 | By:

Why Derbycon is so good for the security community I had a chance to go to Derbycon for the first time this year.  I was amazed at how great it was and a lot of fun of course, but there was more to it than that. I’ve been to many regional conferences, as well as…