Privacy by Design, GDPR Compliance and You

[fa icon='calendar'] Aug 24, 2017 9:27:18 AM / by John Bliss posted in Privacy by design, compliance, Cybersecurity requirements

[fa icon="comment"] 0 Comments

The EU's General Data Protection Regulation (GDPR) has seen data protection driven up on the agenda at banks and insurance providers. Data privacy regulation has moved from a reactive to a proactive emphasis. “Businesses are now scrambling to put in processes and technology so they can care for any personal identifiable information appropriately, and be seen as taking data security seriously or risk punitive punishment.  The impacts of GDPR are felt not only by banks and other financial services companies, but also by the broader ecosystem that encompasses third-party vendors and partners who will also feel the impact of the regulation.

Read More [fa icon="long-arrow-right"]

Consensus Theory Machine Learning reduces "Cyber Ghostbuster" Missions

[fa icon='calendar'] Aug 20, 2017 2:06:23 PM / by Rob Scholl CISO @RISK posted in Cyber attack surface, Privacy by design, MainStreet USA, MME, Cybersecurity requirements

[fa icon="comment"] 1 Comment

As a CISO, my challenge has been to reduce the number of alerts by filtering out the noise generated by a myriad of data sources.  I have to balance the latest "good idea" checklists and frameworks with the budget and staff that I have already.  As an Information Security expert, I have discovered that it is costly both financially and organizationally in staff morale to constantly having to conduct "Ghostbuster" missions that end like bad comedy through chasing ghosts in a machine that alerts us constantly and points us to a dead end.

Read More [fa icon="long-arrow-right"]

ARE YOU READY TO BE COMPLIANT BY AUGUST 28, 2017?

[fa icon='calendar'] Aug 11, 2017 11:40:17 AM / by John Bliss posted in compliance, Cybersecurity requirements, New York Cybersecurity Regulations

[fa icon="comment"] 0 Comments

If you are one of the New York financial services companies and still busy preparing to be compliant with the first part of New York Cybersecurity Regulations by the deadline - August 28th, 2017. Here is what you should know.

Read More [fa icon="long-arrow-right"]

At Risk Technologies & MainStreet USA

[fa icon='calendar'] May 14, 2017 5:46:15 PM / by Darren Morris posted in MainStreet USA, MME, Mid Market Enterprise

[fa icon="comment"] 0 Comments


INTRODUCTION:

@RISK Technologies, a Strategic IBM OEM World Wide partner, is here to protect America's Mid Market corporations from cyber crime. The Cyber threat that is out there today is real, complex, and evolving. Corporations have been unable to protect themselves and slow to identify when they have been breached. 147 days is the average amount of time before a business realizes it has been breached and normally it finds out through a 3rd party disclosure. 

  • @RISK’s intent is to stand between the threat and its Customers while enabling an Intelligent Security posture.
  • Our technology was designed to pre-empt bad activities while averting costly and lengthy incident response checklists and Digital Forensic Investigations
  • Automates costly methods using machine learning, @RISK will save our Customers money. 
Read More [fa icon="long-arrow-right"]

About At Risk technologies

[fa icon='calendar'] May 14, 2017 4:57:23 PM / by Allen Mitchell posted in Cyber attack surface

[fa icon="comment"] 0 Comments


INTRODUCTION OF @RISK:

@RISK Technologies, Inc., an IBM World Wide Strategic Embedded Solutions Partner, includes team members with decades of experience:

  • Composed of former IBM & MIlitary leaders they have supported the Department of Defense (DOD), U.S. Intelligence Agencies, U.S. Special Operations, the United States Army, the United States Marine Corps and the DOD CIO.
  • Over 50% of the team maintains Top Secret Security Clearance
  • Over 150 years of team experience at IBM
Read More [fa icon="long-arrow-right"]

Cyber Insurance & "Left of Bang" Technology

[fa icon='calendar'] Apr 5, 2017 6:36:07 PM / by Allen Mitchell

[fa icon="comment"] 0 Comments

Cyber Insurance working with Cyber Defenders:

Cyber Situational Awareness is achieved by measuring the Cyber Attack Surface.

  • It’s better to detect sinister intentions early
  • Than to respond to compromised networks and conduct cyber forensics actions late

@RISK technologies employs and emphasizes the network-saving importance of cyber situational awareness.  Left of Bang, is a reference to the cyber attack timeline of a cyber incident.

  • “Bang” is when malware is deposited, the attack begins, or damage is done.
  • On a timeline moving from left to right, “right of bang”” is what happens after the incursion begins. In the worst-case scenario, you’re a casualty when you are to the right of bang.
  • Therefore, you need to stay to the Left of Bang! In that area you need to be alert, ready, prepared, and able to respond before the bad stuff happens.

Getting  Left of Bang and achieving situational awareness is possible by recognizing certain revealing characteristics that will enable one to detect potential attackers in time to avoid or upset their nefarious intent.

Read More [fa icon="long-arrow-right"]

Privacy by Design:  Thoughts from the CPO

[fa icon='calendar'] Apr 5, 2017 1:31:48 PM / by John Bliss posted in Privacy by design, cyber

[fa icon="comment"] 0 Comments


PRIVACY BY DESIGN:

Privacy by Design is an approach to systems engineering which takes privacy into account throughout the whole engineering process. The concept is an example of value sensitive design, i.e., to take human values into account in a well-defined manner throughout the whole process and may have been derived from this.

Given recent events in the Market, embedding a design based approach to privacy is prudent:

Read More [fa icon="long-arrow-right"]

@RISK Bank Testimonial

[fa icon='calendar'] Apr 4, 2017 4:32:04 PM / by Barry Eldridge posted in Customer Testimonial

[fa icon="comment"] 0 Comments

A Banking IT Professional's experience with @RISK Technologies
  • Roles: early adopter, information technology, cyber security
  • Goals: improve business outcomes while reducing risk
  • Challenges: lack of cyber staff, professional development, evolving cyber threats
  • Age: 35-45
  • Income: 150,000 - 200,000
  • Education: BS Computer Science & MBA
  • Location: Pennsylvania USA
Read More [fa icon="long-arrow-right"]

What is a "Cyber Attack Surface?"

[fa icon='calendar'] Apr 3, 2017 5:28:10 PM / by John Santorum posted in Cyber attack surface

[fa icon="comment"] 0 Comments

Many define an attack surface as the total sum of the vulnerabilities in a given computing device or network that are accessible to a hacker.  As a Cadet at the Citadel, I learned that vulnerabilities are the dynamic interplay between Gaps and Capabilities.

Read More [fa icon="long-arrow-right"]

Cyber is Polymorphic "so what?"

[fa icon='calendar'] Mar 22, 2017 4:29:58 PM / by Rob Scholl CISO @RISK posted in Cyber attack surface, polymorphism, polymorphic

[fa icon="comment"] 2 Comments


INTRODUCTION TO POLYMORPHISM:

Every time you turn on the TV, or view social media, you can’t help but be overwhelmed with discussions around cyber security and hacking. Leaders of agencies, military units, or industries, consistently yield an interesting and recurring theme:

Cyber Security is "polymorphic."  Polymorphism, polymorphic or polymorph, from the Greek words poly ("many") and morphe ("form, shape, structure"), may refer to computing and science,  

  • Cyber Polymorphism represent the ability in computer programming to present the same programming interface for differing underlying forms (data types, classes) and then the substrate of Cyber extends all the way to how it is encoded.
    • Polymorphic code, self-modifying program code designed to defeat anti-virus programs or reverse engineering
Read More [fa icon="long-arrow-right"]