23 NYCRR 500

Training Wheels are Off – NYS DFS Transitional Period Finished

The two-year transitional period implemented by the New York State Department of Financial Services (NYS DFS) regarding their Cybersecurity framework, 23 NYCRR 500, finished this past March 1, 2019. This doesn’t mean the work ends here, but essentially it’s just getting started. The state of New York allowed institutions, or covered entities, a 24 month break in period before having to adhere to all phases per year. The training wheels are off and all phases will have to be obtained yearly moving forward.

maintenance

Become a Budget Hero, Use Third Party Maintenance for IT Assets

The first question you may be asking is, “Why should I be considering third party maintenance over OEM maintenance contracts?” The short answer: MONEY

Most buyers who utilize third party maintenance services save up to 50 percent or more over three years, in most cases. In reality though, it isn’t just about the money you could save, excellent service is also an important trait, third party technicians come just as qualified as manufacturer technicians. Third party maintenance requires careful vetting, but in the end, it can be more than worth it.

public sector tech security

Public Sector Tech Security: Take Care Before a Catastrophe Occurs

In today’s world, digital security is more important than ever. Long gone are the days where you only needed to worry about physical security for offices. Now, banks, law offices, government facilities, and private companies all depend on their technology being protected from a range of threats. It’s essential for a seamless continuity of daily life to identify and quickly respond to these threats as they occur.

MTTD and MTTR

What You Should Know About Driving Down MTTD and MTTR

Effectively connect people, process and technology to minimize MTTD and MTTR

There’s a reason it’s said that what gets measured gets managed. In order to successfully achieve a goal, you have to be able to measure progress. It’s the only way to know if you’re heading in the right direction.

That’s why any security operations team worth their salt will be paying close attention to both their mean time to detect (MTTD) and mean time to respond (MTTR) metrics when it comes to resolving incidents.

The average dwell time for attackers still sits somewhere within the ranges of 100 – 140 days and frankly, we can do better. Security operations teams need to be fanatical when it comes to lowering these metrics within their organizations.

Significantly reducing dwell time, MTTD and MTTR starts with an understanding of attacks. From there, you need multiple groups working together in harmony enabled by technology to automate and orchestrate incident response processes.

Am I Already Using the Cloud and is it Safe?

Often when speaking to people about the cloud, their first reaction is that it isn’t safe and they won’t use it. Odds are that they, and most everyone else who owns an Internet connected device, is already using the cloud.

Let’s take a step back and define the cloud. In essence, it’s just a network of servers — which are large, super-powerful computers. Anything that’s referred to as “cloud-based” or “in the cloud” means it primarily lives online, instead of on something physical in your possession like a CD or your computer’s hard drive.

A good rule of thumb for determining whether something is “cloud-based” is asking yourself the following question: Can I easily log into this service from another device, like my phone or a different computer? If the answer is yes, then the service is probably based in the cloud.