*Title image from Wired magazine's March 2018 cover, via ZDNet's articleFacebook has categorically mishandled some extremely sensitive information, our passwords, by allowing them to be written to a plain TEXT FILE on a drive on their internal network. This was reported by Brian Krebs yesterday and subsequently acknowledged by Facebook ... Read More

I went to RSA this year, hoping to see solutions to help the organizations that struggle with cybersecurity the most - those facing the same threats as large enterprises, but without the same resources. I wanted to see ways of detecting threats, responding to them, and doing it affordably. I ... Read More

If you were just starting to relax, having fulfilled your compliance responsibilities for GDPR, I can’t help but wonder – have you thought about CCPA yet? Sure, it’ll be easier this time – many of the policies, programs, and safeguards you’ve implemented will apply to CCPA as well – but ... Read More

When looking at monitoring enterprise security, many companies will consider a centralized Security Information and Event Management System (SIEM). Popular names in SIEM, such as ArcSight, Splunk, IBM QRadar, Elasticsearch and others, mention capabilities like event collection from virtually any source. Such systems attempt to find security-related events using rules ... Read More

The two-year transitional period of the NYS DFS cybersecurity regulation (23 NYCRR 500) comes to an end this Friday, March the 1st 2019 at which point all ‘covered entities’ must be compliant. So, who does this impact, what is required to be compliant, and how can IntelliGO help? I’ll detail ... Read More

Last month, Google was fined 50 million Euros for their failure to comply with GDPR, which may come as no surprise given their reputation and the sheer volume of EU citizens’ data they process. More surprising in my opinion, is that the fine for the search giant doesn’t seem proportionate ... Read More

For those who don’t know, we have three P’s in cybersecurity; people, platform, and process. Invariably, the first step companies take towards securing their organization is by investing in platform (technology): anti-virus, usually followed by a firewall. Then, once they grow to a size where they “feel like” they have ... Read More

2018 was a busy year for cybersecurity! The introduction of GDPR in Europe and changes to PIPEDA in Canada marked the regulation of personal data and privacy extending beyond national borders. Big technology companies felt the brunt of the penalties from them (Facebook). Hardware vulnerabilities reached new highs (Intel), and ... Read More

Changes to Canada’s privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA) went into effect November 1st. This regulation extends beyond the Canadian border to those companies doing business with (or ‘controlling data’ of) Canadians in most provinces. There are several stipulations about how data is handled, and ... Read More