CYBERSECURITY

When Can You Deduct Data Breach Costs?

Cybersecurity routinely tops the charts as one of business owners’ most pressing concerns. Data loss can obstruct day-to-day operations, put a stain on the company’s public standing, and be quite costly, but business owners should also be aware of how data loss and its prevention can impact their tax liability. Tax Implications of Data Breach [...]

2021-03-08T13:07:44-06:00March 8th, 2021|BUSINESS TAX, CYBERSECURITY|

How Does Your Industry Affect Your Cybersecurity Risk?

The consequences of a cybersecurity breach can be dire for any business, no matter your company’s size or the industry in which it operates. But your cybersecurity risk is driven largely by what you’re trying to protect — and those valuables are very much tied to your industry. So: How is risk calculated, and what [...]

2021-02-10T12:57:25-06:00February 10th, 2021|CYBERSECURITY|

Cybersecurity Trend to Watch in 2021: Cyber Supply Chain Risk

The year 2020 exposed many vulnerabilities. We’re all well aware of the public health risk posed by close personal interactions with our network of contacts. We’re also waking up to just how vulnerable we are to cyber attacks via our networks of third-party providers. Although supply chain risk has received increasing regulatory attention in recent [...]

2021-02-08T14:43:40-06:00February 8th, 2021|CYBERSECURITY|

Security Implications of a Remote Work Environment

COVID-19 has transformed the traditional office environment in 2020 by creating an army of remote workers. For many businesses, workforces will be almost entirely remote through at least the end of the year. While this model brings benefits for companies and employees alike, it also brings challenges, including the need to rethink IT security risks. [...]

2020-09-22T14:57:10-05:00September 22nd, 2020|CYBERSECURITY, INTERNAL CONTROLS|

Social Engineering Attacks: Considerations for SMBs

When most people think of someone hacking their business, they picture sophisticated cybercriminals infiltrating the network, breaking password protocols, and penetrating the firewall. Although that can happen, it’s very rare. Instead, social engineering is behind most cyberattacks, from high-profile data breaches at the largest corporations to ransomware and other attacks that many small and middle-market [...]

2020-09-22T12:02:55-05:00September 22nd, 2020|CYBERSECURITY|

Cybersecurity Tips for Working From Home

With the COVID-19 pandemic changing the way we work, workforces are seeing a shift towards a completely remote work environment. If you are making the shift, we've compiled a helpful list of security tips to keep in mind if you are using your laptop at home: Make sure you limit physical access to your work [...]

2020-03-25T18:11:55-05:00March 25th, 2020|COVID-19, CYBERSECURITY|

How Can CFOs Improve Cybersecurity? Start with the Numbers

The CFO is an important ally in the fight to keep information and IT assets safe and secure. “Given the risks that cybersecurity threats pose in a technology-driven, global economy, today’s CFO must ensure that adequate steps are taken to protect the company’s reputation, stock price, and mission-critical assets,” said information security expert and former [...]

2019-09-05T10:39:29-05:00September 5th, 2019|BUSINESS CONSULTING, CYBERSECURITY|

Who’s Afraid of the Big Bad Capital One Breach?

Headlines about data breaches seem to hit us nonstop. The March 2019 hack of Capital One’s databases exposed the personal information of over 100 million people. Capital One says its stolen data probably wasn’t used by the hacker or disseminated to anyone else, but even if that’s true, data breaches are all too common. Equifax [...]

Should Your HITRUST CSF Assessor Be a CPA Firm?

In today’s hyperconnected environment, many different stakeholders expect assurance regarding your information security practices. Increasingly, major companies are expecting their business partners to achieve certification against the HITRUST Common Security Framework (CSF). This robust risk management framework builds on many established security and data privacy standards, such as the ISO 27000 series, HIPAA, PCI Data [...]

For Strong Data Security, Give Your Employees Some Backup

You may already know that the biggest data security risk for businesses of all sizes is employee negligence. People fall for simple phishing scams and leave their work phones unlocked, and we’ve all seen that file named “passwords.txt” right on someone’s desktop. Data security training is crucial, and it can go a long way toward [...]

The Impact of the New Data Security Law for Insurance Providers

As of May 1, 2019, Alabama became the latest state to sign into law heightened standards within the insurance industry for cybersecurity and data privacy. The new Law implements an exhaustive set of requirements for data security pertaining to entities or individuals licensed through the Department of Insurance. Both persons and institutions have one year—until [...]

What You Need to Know Before Engaging in a NIST CSF Assessment

The National Institute of Standards and Technology (NIST) has created a Cybersecurity Framework (CSF) that suggests procedures and controls that help enhance an organization’s cybersecurity posture. An independent NIST CSF assessment conducted by a CRI professional assesses an organization’s specific cybersecurity needs using five distinct functions, from what precautions need to be in place to [...]

2019-08-19T21:25:49-05:00August 19th, 2019|CYBERSECURITY, NIST|

Understanding the Benefits of Engaging in a NIST CSF Assessment

A cyber breach can have potentially devastating effects on a company. It can erode public trust, cause millions of dollars in losses, and even lead to fines and lawsuits. In order to help organizations improve cybersecurity, the National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (CSF), which provides several guidelines related to [...]

2019-08-15T22:07:26-05:00August 15th, 2019|CYBERSECURITY, NIST|

Are You Considering a NIST CSF Assessment for Your Organization?

In February of 2013, Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” was introduced as a means of sharing cybersecurity threat information. The goal was to build a framework around standardized security for the United States to reduce potential risks to critical infrastructure. One year later, the National Institute of Standards and Technology released version 1.0 [...]

2019-05-29T10:51:28-05:00May 6th, 2019|CYBERSECURITY, NIST|

4 Steps to Assess Your Cybersecurity Risk

Do you know where an attacker could break through your company’s cyber defenses? Chances are, there are more points of vulnerability than you realize, and the stakes are high to protect what’s important. Customers, employees, regulators, boards of directors, and many other stakeholders hold businesses accountable for securing sensitive data. Customers in certain highly regulated [...]

2019-03-19T10:01:56-05:00September 20th, 2018|CYBERSECURITY|

Start From the T.O.P Down: Ways You Can Improve Your Organization’s Cybersecurity

Until the last couple of years, data breaches seemed to be the domain of major corporations—Target, Home Depot, Sony, JP Morgan. However, in recent years, as businesses of every size become increasingly reliant on data and information systems, it is becoming clear that no business is too small to be a target. And yet, only [...]

2019-02-15T11:40:37-06:00May 24th, 2018|CYBERSECURITY|

Will Your Cybersecurity Defense System Protect Your Organization?

For a homeowner, the knowledge that a trained eye has evaluated the home security system — and attested that it is in good working order — can go a long way toward a good night’s sleep. The same goes for business owners and executives in charge of keeping the company’s digital assets safe. Recent global [...]

2018-11-12T15:42:56-06:00March 12th, 2018|CYBERSECURITY|

Protecting Your Company Against Executive Impersonation Fraud

A company’s employees are generally expected to strive to protect the organization from a cybersecurity breach. Yet, thousands of team members unknowingly allow imposters to infiltrate businesses and steal millions of dollars by falling victim to executive impersonation fraud. Surveying the Landscape A variant of business email compromise (BEC), executive impersonation fraud entails a skilled [...]

2019-01-29T12:52:57-06:00March 27th, 2017|CYBERSECURITY, MARCH 2017, May 2017|

You Just Rolled Cybersecurity Attack Snake Eyes. Now What?

In the game of cybersecurity, betting the farm on an ironclad perimeter defense is a losing strategy. “There is a good chance that hackers are already in your system,” a privacy attorney recently told Data Breach Today. “Your focus should turn to not only protecting your perimeter but also identifying hackers within your network and [...]

2018-11-12T15:47:37-06:00July 26th, 2016|CYBERSECURITY, JUNE 2016|

How to Become the Boss of Your Digital Assets

Cybersecurity is a high-stakes game. Understanding the key differences between various types of cyber information is critical to a strong information security program. After all, we protect what is important to us. Organizations that take the time to understand the value of the digital assets they are protecting are more likely to leave the table as [...]

2018-12-17T12:52:55-06:00April 11th, 2016|CYBERSECURITY|