Resources

leadership team img1

Michelle Drolet

What You Need to Know: A large-scale phishing campaign was disclosed by ThreatLabz this week. The researchers observed the use of advanced phishing kits in a large campaign primarily targeting corporate enterprise users of Microsoft email servers. The threat actors behind the campaign have not been identified, but researchers observed the attackers using an adversary-in-the

leadership team img1

Michelle Drolet

What You Need to Know: A hardcoded credentials vulnerability was found in the Questions for Confluence app and is under active exploitation. The vulnerability allows remote, unauthenticated attackers that know the hardcoded password for specific accounts in the app, to gain access to non-restricted pages in Confluence. CVE-2022-26138 was observed to be under active exploitation

Card image

Insights: Janelle Drolet presents at AWS re:Inforce Boston

#Managed Detection & Response
#Managed Detection & Response
leadership team img1

Michelle Drolet

We were honored to have our Director of Sales, Janelle Drolet, present at the AWS re:Inforce yesterday in Boston. We were excited to share the unique partnership of Towerwall, Alert Logic, and AWS. Learn more about the Towerwall and Alert Logic MDR difference.  

leadership team img1

Michelle Drolet

First of all, thank you! With your help, Towerwall, along with our partners SentinelOne, Proofpoint and Alert Logic are proud to announce the donation of $1,600 to MassBay’s Cybersecurity Scholarship Fund. The funds were raised as part of Towerwall’s recent Annual Security Summit. The Bi-annual Sessions and Annual Summit create an open forum for knowledge

leadership team img1

Michelle Drolet

What You Need to Know: A zero-day vulnerability was found in the latest Widows 11 and Windows Server 2022 releases. CVE-2022-22047 is a local privilege escalation vulnerability found in the Windows Client and Windows Server Runtime Subsystem. Although Microsoft has issued a patch, the vulnerability is actively being exploited by attackers and has a CVSS

leadership team img1

Michelle Drolet

What You Need to Know: Over the Fourth of July weekend, Google released a patch for a high-severity zero-day Chrome vulnerability. The vulnerability is being exploited in the wild and affects Google Chrome and other chromium-based browsers. The heap-based buffer overflow vulnerability is found in the WebRTC (Web-Real-Time Communications) component. The vulnerability is being tracked

leadership team img1

Michelle Drolet

Thank you to all that joined us at our Cybersecurity Executive Session this past Thursday. It was an amazing event with great discussion from industry leaders. A huge thank you to our presenting partners: MassBay Community College, Alert Logic, Sentinel One and Proofpoint. As in years past, all proceeds of the event will go to

leadership team img1

Michelle Drolet

What You Need to Know: A ransomware attack was deployed against an unnamed target, using Mitel’s VoIP appliance an entry point. CVE-2022-29499 is actively being used by attackers to achieve remote code execution and to gain initial access to their victim’s environment. The vulnerability is rated 9.8 in severity on the CVSS vulnerability scoring system.

leadership team img1

Michelle Drolet

What You Need to Know: Today, VMware issued patches for two security flaws discovered in Workspace ONE Access, Identity Manager, and vRealize Automation. The vulnerabilities are tracked as CVE-2022-22972 and CVE-2022-22973 and could be exploited to backdoor enterprise networks. The first vulnerability, CVE-2022-22972 has a critical CVSS score of 9.8 and is an authentication bypass

leadership team img1

Michelle Drolet

Think about this for a moment — global CEOs rank cyber risk as a top concern ahead of macroeconomic volatility, health risks, climate change or even geopolitical crises. What’s worse, they represent organizations that are deploying top-tier security tools, teams and security measures. So where is everyone going wrong? Truth is, cybersecurity is more than just committing

leadership team img1

Michelle Drolet

Organizations collect, store and process vast amounts of data today. Employee information, supplier information, customer information, intellectual property, financial records, communication records—all common types of data that ordinarily exist in almost every business. When organizations fail to secure or protect this data, it exposes them to a host of business risks like breaches, financial losses,

leadership team img1

Michelle Drolet

BOSTON, March 10, 2022 (Newswire.com) – Towerwall, a cybersecurity preparedness and consulting services firm, today announced that its Founder and CEO Michelle Drolet was named to the inaugural SIA Women in Security Forum Power 100 honoree list sponsored by the Security Industry Association (SIA), a trade association for global security solution providers with over 1,200 member companies that help

leadership team img1

Michelle Drolet

What You Need to Know: This week, ESET researchers discovered three new cyberattacks against Ukraine: HermeticWizard, HermeticRansom, and IsaacWiper. There is a new exploit, HermeticWizard, which spreads HermeticWiper across local networks via WMI and SMB. HermeticWizard is a worm that was deployed on a Ukrainian system on February 23, 2022. The malware starts by trying

leadership team img1

Michelle Drolet

Businesses are gearing up for another bumpy year of cybercrime. An ongoing barrage of phishing and ransomware attacks, third-party breaches like those involving Log4j and SolarWinds and the surge in remote work are but a few of the many reasons why almost 80% of security leaders still lack confidence in their cybersecurity posture. In response, a majority of them are planning to significantly

leadership team img1

Michelle Drolet

FTC warns businesses that failure to address critical vulnerability could result in legal action. On Dec. 9, the Apache Software Foundation issued a Log4j security alert that a vulnerability (CVE-2021-44228), aka Log4Shell, allows unauthenticated users to remotely execute or update software code on multiple applications via web requests. On a scale of severity, the NIST has graded

leadership team img1

Michelle Drolet

This eBook strives to make the 20 security controls as described in detail by the SANS institute more accessible to everyday business people.

Taking any one of these 20 actions on the list will have a positive impact on your security status, but the smart move is to work towards fulfilling all 20 of these recommendations. These are simple common-sense rules, but you’d be amazed at how often they’re overlooked.

leadership team img1

Michelle Drolet

This holiday season, we are proud to announce we have made a donation to a new scholarship fund aimed at supporting young women and minority students to pursue rewarding careers in cybersecurity. Long-time colleague and client, United States Air Force Veteran, Saeed Garner, Director of Information Security for Christian Care Ministry, founded the newly established

leadership team img1

Michelle Drolet

What You Need to Know: Security teams are in a hurry to patch an unknown active vulnerability that was found in Apache’s Log4j and is now named Log4Shell. Log4j is a Java-based open-source library used by apps and services, and the newly found vulnerability could allow an attacker to compromise millions of devices across the

leadership team img1

Michelle Drolet

Traditional cybersecurity practices relied on the age-old maxim, an ounce of prevention is better than a pound of cure. But here’s the biggest truth about modern cybersecurity: There’s no such thing as foolproof security, and bug-free software is an oxymoron. From the ’90’s script kiddies to present-day state-sponsored actors and cybercrime syndicates, attacks have grown

leadership team img1

Michelle Drolet

If you have third-party partners, you need a third-party cyber risk management program. Here are six key steps to follow. Many organizations transact with hundreds of third-party partners, according to EY’s Global Third-Party Risk Management Survey 2019-2020, a trend that PwC finds shows no sign of slowing, even as the risks increase. A recent survey by security vendor Anchore found that in

leadership team img1

Michelle Drolet

BOSTON – August 31, 2021 – Towerwall, a 25-year provider of cybersecurity services for emerging to mid-size enterprises, today announced it has teamed up with Amazon Web Services (AWS) to list its array of data and IT security services and onsite deployment of Virtual Security Officers on the AWS Marketplace. Towerwall is one of the

leadership team img1

Michelle Drolet

According to Ponemon, 67% of respondents to a CISO survey believe hackers and cybercriminals are more likely to target their companies. In this regard, the role CISOs play in modern organizations has grown more critical, as they’re tasked with managing enterprise risk, securing Internet of Things (IoT) devices and deploying security analytics. To maximize the security of

leadership team img1

Michelle Drolet

It’s probably no surprise that the ideal method to validate security defenses, strengthen cybersecurity posture and prepare for a cyber incident is through simulation of a cyber-attack. Sports leagues, coaches and analysts have used the same technique to improve performance and boost defense capabilities of their teams.

leadership team img1

Michelle Drolet

The landscape of cybersecurity insurance is shifting in the wake of a wave of high-profile ransomware attacks. Over the last five years, the U.S. has suffered more than 4,000 ransomware attacks a day, according to a U.S. government interagency report. It’s a pandemic unto itself: Ransomware attacks happen once every eight minutes. This trend has driven greater

leadership team img1

Michelle Drolet

Most people aren’t aware of what to look for when buying a cyber insurance policy. Since it is still a novel concept, you first need to determine your cyber risk, your risk tolerance and the costs of things that don’t have a clear monetary value (e.g., injury to your business’s reputation). What’s more, some insurance companies are still not fully certain as to how to underwrite cyber-insurance policies.

leadership team img1

Michelle Drolet

For small to mid-size businesses (SMBs), knowing what you need to remain secure and setting a resilient plan in place is half the battle. With the average cost of a security breach nearing $4 million, organizations need to detect threats early. Threat monitoring, detection and response (MDR) services offer businesses a turnkey security response. Combined

leadership team img1

Michelle Drolet

For Georgia, Virgina, the Carolinas and other states, it was Jimmy Carter revisited as long lines and price spikes awaited motorists at the gas pumps. Some stations as far south as St. Petersburg, Fla. ran out entirely, worrying travelers making plans for Memorial Day weekend. We learned a few things from the Colonial Pipeline ransomware

leadership team img1

Michelle Drolet

Over 37 billion records were exposed in breach events in 2020 – by far the most records exposed in a single year, according to a recent report by Risk Based Security. How has remote working impacted your organization’s security posture? What lessons can security professionals learn from the recent wave of breaches and what steps

leadership team img1

Michelle Drolet

It is important to remember that, even if we think our environments are completely secure, there is always the potential for a breach. So how do we remain secure? Join Michelle Drolet and Bharath Vasudevan as they examine how the “Layers of Defense Method” is the key to security.

leadership team img1

Michelle Drolet

We are proud to share that our founder and CEO, Michelle Drolet has been named as a “Top 25 Women in Cybersecurity” by The Software Report. See below for more information and to read more: “The women that comprise this year’s list have not only stepped up to new challenges in addressing cyber risks and

leadership team img1

Michelle Drolet

Navigating the vendor landscape is a challenge for many IT departments, particularly when looking at detection and response solutions, and especially since the cybersecurity industry is overly reliant on acronyms. EDR, MDR and XDR are three emerging endpoint security technologies built to provide greater visibility, threat detection and response across all corporate endpoints. With today’s

leadership team img1

Michelle Drolet

Modern cyber threats are growing in scope, cost and complexity. Hackers are continuously evolving their tactics to execute breaches, hold businesses at ransom and steal intellectual property. Globally, cybercrime is estimated to cost $10.5 trillion annually by 2025. To put things in perspective, the combined revenue of the world’s largest tech companies, Apple, Amazon, Alphabet and Facebook,

leadership team img1

Michelle Drolet

Selecting a Large-Scale, Secure and HIPAA-Compliant Covid Scheduling Solution A year ago, the coronavirus threw the world into a historic crisis. One industry pushed to the brink was the U.S. healthcare system. Now, with the arrival of life-saving vaccines, hospitals that were once tasked with treating waves of sick patients are now shifting gears to

While Service Organization Control (SOC) 2 compliance isn’t mandatory, it can bring a range of benefits for your organization. Created by the AICPA (American Institute of Certified Public Accountants), this auditing process helps you to assess your data privacy and security standards. Once achieved, you will have a comprehensive set of security policies that will

leadership team img1

Michelle Drolet

Healthcare organizations have faced continual stress from heavy COVID-19 caseloads in 2020. Cyberattacks on their information networks also loomed as a serious threat, and the pressure to protect data is expected to grow this year, as more criminals target healthcare providers. Protecting patient data from unauthorized access has long been a regulatory prerequisite for healthcare

leadership team img1

Michelle Drolet

The pandemic has dominated the news in 2020, overshadowing everything else. We’ve seen a rapid rise in remote working, a wave of pandemic-related scams and pressure to modernize IT while cutting costs. As the dust settles on a tumultuous year, it’s time to plan ahead. IT departments were forced to accelerate their plans and roll

leadership team img1

Michelle Drolet

I wanted to reach out to provide you with important information on the recent hack that has impacted nearly 20,000 of SolarWinds customers. The attack, which dates back to October 2019, has impacted many sectors including government, hospitals, educational and technology organizations. Over 80% of the Fortune 500 companies have uncovered a breach in their

leadership team img1

Michelle Drolet

A dark web scan review from Alert Logic can help scan your company domain and discover when and whose credentials have been exposed and when exposure is discovered, you can then require affected employees to change their passwords.

leadership team img1

Michelle Drolet

10) With so many people working from home on all sorts of devices, make sure these endpoints continue to receive the latest security patches and software operating system updates to lessen your chance of compromise. 9) Avoid running sensitive transactions (like banking) over public WiFi networks that are typically unsecured from eavesdropping. Using your smartphone

leadership team img1

Michelle Drolet

Penetration testing is vital, but are you doing it right? Here are some common mistakes and advice on how to avoid them. One of the most effective ways to uncover flaws and weaknesses in your security posture is to have a third party carry out planned attacks on your system. Penetration testing is all about

leadership team img1

Michelle Drolet

The threat of a cybercriminal gaining access to your network is a constant source of anxiety. Amid all of the high-profile data breaches, businesses and organizations of all sizes have been successfully targeted by hackers who employ a wide range of different strategies. Too many companies have had to learn all about the potential cost of

leadership team img1

Michelle Drolet

If you don’t have a lot of budget at your disposal, these open-source intrusion detection tools are worth a look. As businesses grapple with the pandemic, millions of workers are no longer working in the traditional office behind the traditional perimeter. They are working from home, accessing data and network resources using unauthorized devices, unauthorized

leadership team img1

Michelle Drolet

With ransomware and phishing attacks on the rise, companies must continuously focus on cyber risks to protect assets and customers. Covid-19 forced organizations to evolve their business models overnight. The demand for digital infrastructure has skyrocketed and industries are seeing large-scale adoption of work from home. Unauthorized software, unsecured devices, stressed and distracted workers have

leadership team img1

Michelle Drolet

Many organizations lack the internal expertise to address threat detection and response effectively, but MDR can fill the gap. Part 1 will look at why you should consider MDR to manage your cybersecurity threats. Part 2 will examine what to look for when shopping for MDR services.

leadership team img1

Michelle Drolet

Hear from our resident expert as he discusses best practices for cloud-based forensics.

leadership team img1

Michelle Drolet

This whitepaper examines the challenges inherent in achieving continuous PCI DSS compliance across multi-cloud and hybrid landscapes and what to look for in evaluating solutions and service providers that can address those complexities.

leadership team img1

Michelle Drolet

Unauthorized software and devices and stressed and distracted workers have expanded the attack surface and left businesses exposed to a number of cyber-risks. Small and medium-sized businesses in particular are most vulnerable since a majority of them run legacy or outdated systems.

leadership team img1

Michelle Drolet

Cybersecurity resilience depends on having a detailed, thorough, and tested breach response plan in place. Here’s how to get started. No matter how secure your business, data breaches are an unfortunate fact of life. Whether an attack is the result of a determined cybercriminal, a disgruntled insider, or simple human error, you can limit the

leadership team img1

Michelle Drolet

Per a recent analysis from Microsoft (via The Interpreter), every country in the world has fallen prey to at least one COVID-19-related attack. Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory back in issued an advisory back in April…

leadership team img1

Michelle Drolet

Covid-19 has disrupted our lives and caused a lot of stress and panic globally. Even though lockdowns may be relaxing, cyber-attacks are showing no signs of slowing down. The pandemic has created the perfect environment for hacktivists to strike with a high degree of success. Let’s understand the top five reasons for this: 1. Expanding

leadership team img1

Michelle Drolet

As the average monetary cost of a malware attack continues to increase and currently costs an organization an average of $3.86 M, it is vital to be up to date on detection and prevention best practices. No level of investment prevents or blocks 100% of attacks. You will learn how to continuously identify and address

leadership team img1

Michelle Drolet

Many organizations lack the internal expertise to address threat detection and response effectively; MDR can fill the gap. Here’s what to look for when you shop for MDR services. Threat detection and response is a priority for most CISOs because they recognize that the faster a breach is detected and dealt with, the easier and cheaper it is to fix. And since it takes an average of 280 days to identify and contain a breach, according to Ponemon Institute research, there’s plenty of room for improvement.

leadership team img1

Michelle Drolet

Per a recent analysis from Microsoft (via The Interpreter), every country in the world has fallen prey to at least one COVID-19-related attack. Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory back in April relating to heavy exploitation of Covid-19 by malicious cyber actors. A Breeding Ground For Cybercriminals That’s Not Going

leadership team img1

Michelle Drolet

In a recent article, “New Tech Project? Get Your Devs On Board Fast  with These 16 Tips” published on Forbes Technology Council, Michelle Drolet shares how a Solid Secure Development Lifecycle can help: Create a solid SDLC program plan. Developers need a solid secure development life cycle program plan. Test against the plan/program’s “application risk

leadership team img1

Michelle Drolet

Security pros have a lot to juggle, but look in the right places and you can find invaluable assistance for free. Maintaining security is a never-ending business. There’s so much to worry about, from misconfigured software to phishing attacks to a rapidly expanding inventory of devices with their own vulnerabilities and update requirements. We could all use

leadership team img1

Michelle Drolet

Live online Friday, July 10th 12:00 – 1:00 p.m. EST Panelist include: Michelle Drolet, Towerwall & Jason Klein, Offit Kurman The threats are real and increasing daily. Learn how you can protect yourself and your cannabis company from unauthorized access to confidential files and proprietary data. By now, we are all too familiar with the

leadership team img1

Michelle Drolet

Live online July 2, 2020 12:00 pm ET Panelist include: Michelle Drolet, Towerwall, Itay Nachum, Safe-T, Scott Tingley, Cogito & Tom Ward, Qnext Data breaches are on the rise, highlighting no organization is safe from cyberattacks. One cause is that workforce mobility and cloud computing has placed most workloads beyond the shelter of corporate networks

KelleyGallo

Kelley Gallo

Please join us for our 8th Annual Information Security Summit! “The Evolving Threat Landscape 2020” This regional event provides participants with an update on the latest developments, trends, and status in information security. With the growing popularity of disruptive technologies, including mobility and cloud computing, social networking, and big data analytics, the accompanying data security

leadership team img1

Michelle Drolet

10) Zooming out. Video conferencing is a two-edged sword; while a boon to nurture group discussion, the degree of focus paid to a small screen while feeling self-conscious (how’s my hair?) can oversaturate users. People are now reporting Zoom fatigue, citing anxiety. Identify mental health and grief counsellors who can step in during these COVID-19

leadership team img1

Michelle Drolet

The COVID-19 pandemic has brought about a seismic shift in how the world goes to work. Apart from essential services, remote work is the new normal, mandated everywhere — even in organizations that never previously offered remote work options. Lack of VPN infrastructure or its ability to scale, legacy systems that were never designed for remote work,

leadership team img1

Michelle Drolet

Live online June 4, 2020 12:00 pm ET Presented by Diana Kelley, Cybersecurity Field CTO, Microsoft Michelle Drolet, CEO, Towerwall Wherever we turn it feels like the news is all COVID-19 all the time. Many of us are feeling stressed and overwhelmed and attackers know it. At Microsoft, we’ve seen an increase in the success

leadership team img1

Michelle Drolet

Live online Thursday, May 28 at 3:30 p.m. ET Cyberthreats morph rapidly as they try to stay ahead of our defenses; wearing new disguises and breaking down virtual barriers in unique ways. The answer to, “How do I remain secure?” changes as quickly as the cyberthreats we face. Join us for an interactive Q&A Panel

leadership team img1

Michelle Drolet

These are unprecedented times. As companies scramble for business continuity, millions of workers around the world are forced to adapt to a workplace culture dubbed as the world’s largest work-from-home experiment. But there is a steep price to be paid for this change — weakened cybersecurity. With more and more people working from home, the attack

leadership team img1

Michelle Drolet

10. Pandemic panic Criminals thrive during a crisis, knowing people under stress and distraction are more prone to readily click a text or email link without thought to its legitimacy. As such, COVID-19-related phishing attacks grew 600% in the first quarter. 9. FTC Warnings The Federal Trade Commission just reported $12 million in coronavirus scams calling it the

leadership team img1

Michelle Drolet

10) Start with a plan. Companies of all shapes and sizes should draft a distinct crisis response plan. Existing disaster recovery plans or business continuity plans might not suffice. 9) Lead with leadership. Pick a small team responsible for your plan. Get buy-in from the top, pull in human resources, finance, IT. Develop policies minimizing

leadership team img1

Michelle Drolet

As the novel coronavirus (which causes COVID-19) continues to spread around the world, businesses must do what they can to prepare for absent staff and possible periods of enforced closure. In general, it’s vital that companies of all sizes and types draft a distinct crisis response plan because existing disaster recovery plans or business continuity

leadership team img1

Michelle Drolet

Join our partner Pcysys for their latest webinar: What’s New in PenTera Thursday, March 26th 3:00 PM GMT | 10:00 AM EST In the upcoming What’s New webinar, we’ll go over the new features and enhancements in PenTera version 4.0. You’ll learn about our new: Revamped User Interface Direct Access to Entire Remediation Wiki Web

leadership team img1

Michelle Drolet

10) High priority. 64% of businesses are prioritizing IT security above everything else and 80% of small and medium businesses rank IT security as a top business priority. 9) Bad news. A successful cyber-attack can damage your company reputation beyond repair including financial losses, intellectual property theft and erosion of customer confidence and trust. 8)

leadership team img1

Michelle Drolet

As a valued customer, I appreciate the trust you place in your Towerwall team. I want to assure you that the safety and security of our customers and employees is Towerwall’s highest priority. Given the heightened business environment due to the Coronavirus (COVID-19), our top priority is to ensure the continuity of our support services

leadership team img1

Michelle Drolet

When apps are developed in a hurry and not properly put through their paces, the risk of something going wrong is high, as the Iowa Democratic Party just learned to its cost. Creating secure, fully functional mobile apps takes time and requires stringent testing. In the aftermath of the delayed results for Iowa’s Democratic presidential caucuses, it

leadership team img1

Michelle Drolet

As California’s privacy legislation goes into effect, it’s time to take stock of your security strategies around data and think about the future. The trend towards greater privacy is set to continue. The big data grab drove companies to stockpile data, with little thought of how to use it, and even less thought about how

leadership team img1

Michelle Drolet

Is cybersecurity a top priority for your business? We certainly hope so. A recent report revealed that almost 64% of all businesses prioritize IT security above everything else. Even 80% of all SMBs rank IT security as a top business priority. The Impact Of Cybercrime Can Be Far-Reaching A successful cyberattack can damage your company beyond repair. This could

leadership team img1

Michelle Drolet

Cloud security is simpler than you think. Move to the cloud with confidence while increasing the efficiency of your security management, compliance, and governance. Listen in to learn how you can: Secure once and run everywhere: manage a multi-layered security strategy across your data center and cloud from a single console. Secure every cloud and

leadership team img1

Michelle Drolet

It may seem like a peculiar twist of irony, but as the technical capabilities afforded by automation proliferate, successful cyberattacks are increasingly more reliant on human execution. Join this 60-minute presentation to learn more about the cyber threat landscape, threat hunting and response techniques, and real-world examples of how Sophos Managed Threat Response detects and

leadership team img1

Michelle Drolet

The risk of a data breach is ever-present and can prove disastrous especially for cash-based businesses like cannabis. It’s vital to guard against cyber-attacks, but also to establish solid plans to ensure you react to any breach in the right way. It has never been easier for cybercriminals to infect your business with malware or

leadership team img1

Michelle Drolet

Our CEO, Michelle Drolet recently sat down with Superb Crew to discuss industry trends, threats and how to stay ahead. Link to the full interview below Q: What are you most excited about in the industry at the moment and what future trends are you expecting to see? A: We see more business coming to

leadership team img1

Michelle Drolet

10. Nigerian prince lives. The royalty who wants to send you money is the oldest scam in the book, yet it continues to lure victims. Phishing works by creating false trust to give up log-in credentials, click a bogus URL or download a malware-infected file. 9. Avoid pain. Be aware successful phishing scams can result

leadership team img1

Michelle Drolet

Record numbers for internet sales were reported in 2019, but online retailers aren’t the only ones laughing all the way to the bank. Cybercrime costs retailers a staggering $30 billion a year, and the sector is among the top ones targeted globally. Last year, three quarters of global retailers reported falling victim to cyberattacks. A New Attack Method Emerges: Ad Threats Cyberattackers are

leadership team img1

Michelle Drolet

2019 is set to break a record for the highest number of security incidents ever recorded and probably the biggest and most expensive year in terms of data breach fines, penalties and court settlements. While large-scale breaches always make big headlines, hackers are not sparing small businesses and consumers. As we head into the new decade, cyberattacks will continue

leadership team img1

Michelle Drolet

It’s almost a no-brainer that all organizations, regardless of their size, need some form of cybersecurity. Cybersecurity not only means that you protect your digital assets against a cyberattack, but it also means that you must plan for the inevitable. What if your data is breached or your systems are attacked? Seems pretty obvious, doesn’t

leadership team img1

Michelle Drolet

Enterprise access requirements are growing ever more complex due to application dynamics, cloud adoption and mergers. To cut through this complexity, technical professionals should explore SDP – a new technology whose strength lies in facilitating access to enterprise apps. Safe-T’s Software-Defined Access Suite takes SDP to the next level, revolutionizing Zero Trust network design.

leadership team img1

Michelle Drolet

The cloud has revolutionized the way we work. It has become an indispensable part of our lives. It has allowed us to do business in a faster, more scalable way and has become the foundation for other disruptive businesses. Cloud accelerated the fortunes for some of the world’s largest companies. For Google, Microsoft and Amazon, cloud services is one

leadership team img1

Michelle Drolet

Staying abreast of the latest cybersecurity trends can be a tricky challenge for modern businesses, but it’s absolutely vital if you want to safeguard your data. Plugging vulnerabilities, keeping your cloud secure, and avoiding phishing scams and ransomware attacks requires diligence, user awareness, and vigilance.

leadership team img1

Michelle Drolet

Forbes Technology Council Is an Invitation-Only Community for Executives Leading Their Industry BOSTON – October 25, 2019 — Michelle Drolet, CEO of Towerwall, is celebrating her one-year anniversary as a member of the Forbes Technology Council, an invitation-only organization for senior leaders to publish original content, connect and excel. “We are so pleased to have

leadership team img1

Michelle Drolet

Companies that move to the cloud have to assume new responsibilities, develop new skill sets and implement new processes. The first step to better cloud security is to assume you have no security. Cloud computing has transformed the way businesses work and continues to disrupt traditional business models. IDC predicts that by 2023 public cloud spending will

leadership team img1

Michelle Drolet

Expert panelists Michelle Drolet of Towerwall and Tom Ward of Qnext/FileFlex joined participants online on October 1st 2019 to speak about how to use a decentralized edge-cloud architecture to secure your company’s files & data and prevent cybersecurity threats and ransomware attacks. Watch the full webinar below:

leadership team img1

Michelle Drolet

Our own Michelle Drolet sits down with Jeffrey Davis, founder and host of Radio Entrepreneurs to share her story and lessons learned as an entrepreneur. Watch above or click here to listen > Radio Entrepreneurs shares the stories of entrepreneurs in the interest of giving more exposure to innovative and fast-moving companies while creating a

leadership team img1

Michelle Drolet

One of the biggest challenges about working in cybersecurity is that you’re facing an enemy who learns and adapts. Cybercriminals can be very organized, they cooperate, and they’re constantly working to develop new techniques and strategies that will breach your defenses. They’re also growing increasingly adept at sniffing out the best opportunities to extract maximum

KelleyGallo

Kelley Gallo

Thank you to all who attended this year’s Information Security Summit! Please see the video recap below. Looking forward to seeing everyone next year!

leadership team img1

Michelle Drolet

How to secure remote file access, sharing and collaboration with decentralized cloud computing. When: Tuesday, October 1, 2019 – 2:00 PM EST Sponsored by: Sponsored by Towerwall and Qnext Presented by: Michelle Drolet, Paul Barker Register now >  

leadership team img1

Michelle Drolet

Workloads in the public cloud are the new pot of gold for savvy cybercriminals. Often misconfigured and under-secured, they’re an easy way for hackers to steal data and take advantage of your processing power. If you use Amazon Web Services, Microsoft Azure, or Google Cloud Platform, or are thinking about migrating to any of these,

leadership team img1

Michelle Drolet

Social media has completely changed the way humans interact. Our lives have become increasingly public as we all share a variety of personal information online on various social networks. 2019 has seen worldwide social media user numbers grow to almost 3.5 billion, with 288 million new users in the past 12 months, pushing the global social

leadership team img1

Michelle Drolet

When we hear the word “cybersecurity” a lot comes to mind — firewalls, antivirus, endpoint protection, email security, web security and much more. But how often do we think or talk about people? This is a central element in cybersecurity that is often ignored. ‘To err is human”— it’s obvious that as humans we often

leadership team img1

Michelle Drolet

While much of cybersecurity is focused on prevention, the simple fact is that many attacks are successful. Even a sophisticated, expensive security system is going to be breached from time to time. Smart attackers try to fly under the radar, biding their time and extracting maximum value or causing maximum carnage, sometimes over a period

leadership team img1

Michelle Drolet

Businesses continue to face modern cyber attacks such as ransomware threats and data breach incidents. In the wake of a non-stop onslaught from advanced hackers, it seems that no matter what defensive measures organizations put in place, cyber adversaries and malware authors are able to circumvent them. Cybercriminals are not only motivated to target high-profile

leadership team img1

Michelle Drolet

When we say “operationalizing cybersecurity,” what we are essentially saying is the implementation of best practices that strengthen your cybersecurity infrastructure. This results in a strong security posture able to address advanced and continuously evolving cyberthreats leveled at any organization. A well-defined cybersecurity strategy lies at the very root of seamless operationalizing. Key stakeholders like

leadership team img1

Michelle Drolet

The numerous high-profile data breaches that took place in 2018 illustrate that no organization, irrespective of size, scale or scope, is immune from cyberattacks. Last year witnessed a 350% increase in ransomware attacks and a 70% increase in spear-phishing attacks. We are looking at a state-of-affairs wherein it is very easy for cybercriminals to exploit security vulnerabilities and target

KelleyGallo

Kelley Gallo

7th Annual Information Security Summit Presented by MassBay Community College and Towerwall, Inc. When: June 6, 2019 8:00AM – 1:30PM When: MassBay Community College 50 Oakland Street Wellesley Hills, MA 02481 About the Conference: This year’s Information Security Summit will deliver information on the latest threats and emerging technologies such as ML, AI, and automation.

leadership team img1

Michelle Drolet

As cyber attacks become increasingly common, it is vital for organizations to be armed with the most effective tools and knowledge to prevent, detect and respond to cyber threats. Join this interactive Q&A panel with top security experts across the ecosystem to learn more about: Trends in Advanced Threat Detection & Vulnerability Management How to

leadership team img1

Michelle Drolet

What is cyber threat intelligence, and how can organizations leverage it to identify threats and potential malicious activity in advance? Discover the best ways organizations can arm themselves with actionable threat intelligence to block cyber attacks or mitigate their impact. Join this panel of experts to learn more about: Cyber threat intelligence: What it is

leadership team img1

Michelle Drolet

Cybersecurity, much like safety, cannot be achieved – it is an ongoing process that changes and adjusts to respond to the threat landscape, business needs and resources. As essential a cybersecurity strategy is to the enterprise, so is the implementation of it. Host: Michelle Drolet, CEO, Towerwall and Amy McLaughlin, Director of Information Services, Oregon

leadership team img1

Michelle Drolet

What Exactly Is Automated Penetration Testing? Software-based penetration testing is here! Learn how leading companies are taking advantage of this new technology to drive cost-effective remediation. When: Wednesday, February 27th 2:00 PM EST Host: Amitai Ratzon CEO , Pcysys Your Takeaways: A fresh approach to vulnerability remediation prioritization How to ensure your security posture is kept

leadership team img1

Michelle Drolet

Best Practices for Protecting Your Business from Cybercrime Cybercrime has evolved from random activities being carried out by individuals into a billion dollar illegal industry that continues to grow. How is cybersecurity keeping up with the rise of cybercrime? Join this panel of security experts to learn more about: Trends in cybercrime and lessons learned

leadership team img1

Michelle Drolet

An Introduction to New Technology – Automated Penetration Testing In this webinar, we will review Automated Penetration Testing – principles, benefits, use cases, case studies, and live demo. When: Wednesday, January 16, 2019 2:00 PM ET Your Takeaways Understand the threat actors’ perspective of your company Learn of a different approach to  vulnerability remediation prioritization

leadership team img1

Michelle Drolet

Ransomware attacks can prove extremely disruptive and expensive to remedy. Prevention is better than finding a cure, and ransomware incidents are easily preventable with the right action. A few high-profile ransomware incidents have spread awareness, and many individuals and organizations have likely taken strides to protect themselves, which may have diminished the success rate of ransomware

leadership team img1

Michelle Drolet

Best Practices for Securing Your Organization in 2019 Data breaches are on the rise and getting their fair share of media attention. It is no longer a question of “if”, but “when” an organization will get breached. So, how are organizations preparing for the inevitable? When: Tuesday, January 15, 2019 11:00 AM ET About the

leadership team img1

Michelle Drolet

Bad actors have taken advantage of unpatched systems, software vulnerabilities and increasingly devious forms of malware for years, but their preferred weapon is often phishing. While their motives haven’t changed — luring target victims to click highly legitimate-looking emails so they can steal the keys to the castle — I’ve seen their attack methods grow more sophisticated

leadership team img1

Michelle Drolet

The NIST Cybersecurity Framework (CSF) is a crowdsourced set of best practices to help you analyze your cyber risk posture and work towards improving it. Learn what it can do for your business, how to tailor and implement it, and how to manage it to work towards your desired security posture. The cybersecurity threat and

leadership team img1

Michelle Drolet

The Rise of Targeted Ransomware What is targeted ransomware? Are you susceptible? What can you do to defend against it? Presented by: Michelle Drolet, CEO, Towerwall Watch now >  

leadership team img1

Michelle Drolet

Dean College’s IT team experienced the challenges of protecting the College’s information and technology assets, complying with regulatory requirements, and adhering to security best practices. This translated into the need to develop a solid foundation and implement policies on secure, responsible, and acceptable use of the College’s information and technology assets, addressing potential phishing and ransomware threats, and building repeatable information security programs…

leadership team img1

Michelle Drolet

Breaches often take weeks or even months to uncover, but the right strategy combined with strong endpoint detection & response (EDR) tools can make all the difference. We examine seven vital factors to consider. Many different elements need to come together for an organization to secure its data properly. Most companies adopt a security strategy

leadership team img1

Michelle Drolet

Michelle Drolet sits down with Mindset Entrepreneur. Click the image below to watch now:

leadership team img1

Michelle Drolet

Many organizations take steps to guard against data breaches, employing new policies, tools and strategies that make them feel protected, but their defenses may not be as strong as they think. Unfortunately, this false sense of security is all-too-easy to come by. Data breaches are commonplace now and there’s a growing realization that organizations need

leadership team img1

Michelle Drolet

10) Got cloud? According to Cloud Security Alliance, more than 70 percent of the world’s businesses now operate in some capacity on the cloud. 9) Cloud positive. Running apps in the cloud offers lower fixed costs, auto updates, easier collaboration, disaster recovery, scalability, pay-as-you-go options, lower tech support costs and access from any device. 8)

leadership team img1

Michelle Drolet

Our own Michelle Drolet to sit on panel at Boston’s Town Hall: Cannabis Conversations. We hope to see you there!

leadership team img1

Michelle Drolet

Everyone should employ an intrusion detection system (IDS) to monitor their network and flag any suspicious activity or automatically shut down potentially malicious traffic. We look at five of the best open source options. As cybersecurity professionals, we try to prevent attackers from gaining access to our networks but protecting perimeters that have grown exponentially

leadership team img1

Michelle Drolet

As long there is money to be made, cybercriminals will continue to take advantage of our security weakness to pick our pockets! And hackers are a dime a dozen, with lots of tools at their disposal. Check out this Cyber Threat Report, brought to you by Sophos, to learn more about the capitalistic cybercriminal and

leadership team img1

Michelle Drolet

Trends in Data Breaches and Comprehensive Responses Does your organization have a data breach response plan? Join Michelle Drolet and a team of industry experts for an interactive Q&A panel and discover the best practices for breach response and how to strengthen your organization’s cyber resilience. About the Webinar Join this interactive Q&A panel with

leadership team img1

Michelle Drolet

As cloud adoption soars to new heights, security standards have failed to keep pace. Organizations need to start taking responsibility for their own cloud security and these five practical tips will help. There’s no doubt that widespread adoption of the cloud has enabled collaboration on a much greater scale, driving innovation and creativity. Distributed workforces

leadership team img1

Michelle Drolet

Trends in Data Breaches and Comprehensive Responses Does your organization have a data breach response plan? Join Michelle Drolet and a team of industry experts for an interactive Q&A panel and discover the best practices for breach response and how to strengthen your organization’s cyber resilience. When: Wednesday, September 19, 2018 8:00 AM ET About

leadership team img1

Michelle Drolet

Click here to watch the webinar now > Our own Michelle Drolet will be discusses the need for developing a solid Incident Response Program and doing Tabletop exercise throughout the year. An Incident Response Plan (IRP) will ensure information security incidents, once identified, will be handled and communicated appropriately. Consistency of how incidents are handled

leadership team img1

Michelle Drolet

Join us for our next InfoSec at Your Services Meetup: “GDPR Context and Myth Busters by Our Resident Expert Greg Albertyn” Hosted by Michelle Drolet and Greg Albertyn When: Thursday, September 6, 2018 6:30 PM to 8:00 PM Where: Skyboxx, 319 Speen Street, Natick We will discuss: How we collect, use and share personal data has

leadership team img1

Michelle Drolet

With the CCPA coming hot on the heels of the GDPR it makes sense to get your consumer data management in order. Taking steps to protect all private data today will pay dividends tomorrow. The idea that organizations should be doing more to protect the personal data they hold about individuals has been gaining ground

leadership team img1

Michelle Drolet

ISSA New England Chapter Meeting You are invited to The ISSA New England Chapter’s September Meeting for a morning packed with well-known practitioners in the field of Information Security as well as networking with your peers. Attendees will earn 4 CPEs When: Tuesday, September 25th, 2018 8:00 am – 12:30 pm Where: Boston Children’s Museum

leadership team img1

Michelle Drolet

How to Build a Robust Incident Response Capability for Financial Institutions Our own Michelle Drolet will be discussing the need for developing a solid Incident Response Program and doing Tabletop exercise throughout the year. An Incident Response Plan (IRP) will ensure information security incidents, once identified, will be handled and communicated appropriately. Consistency of how

leadership team img1

Michelle Drolet

Click Here to Watch the Webinar Now > View the Presentation >   About the Webinar Enterprises face an exploding number of unmanaged and IoT devices on their networks, and cyber attacks are increasingly targeting these vulnerable devices. Join Armis and Towerwall to learn about 8 ways that you can secure your enterprise from these

leadership team img1

Michelle Drolet

Make sure you understand the need to operationalize data management and security. There has been a widespread rush to get organized and compliant in time for the May 25 deadline when the EU data privacy law General Data Protection Regulation comes into effect. Little wonder when you consider what non-compliance with the GDPR could cost you —

leadership team img1

Michelle Drolet

Are you ready for GDPR? Do you meet the new requirements? Do you know your risk exposure? A lot of companies do not know. To give you an idea of the uncertainty surrounding the Regulation, Vanson Bourne surveyed 1,600 organizations. A staggering 37% of respondents did not know whether their organization needed to comply with GDPR, while 28% believe they did not need to comply at all. This uncertainty will not provide any protection from fines.

leadership team img1

Michelle Drolet

6th Annual Information Security Summit Presented by MassBay Community College and Towerwall, Inc. When: Thursday, May 24, 2018 8:00AM – 1:30PM When: MassBay Community College 50 Oakland Street Wellesley Hills, MA 02481 About the Conference: The Information Security Summit is a regional event with the goal to give participants from New England an update on

leadership team img1

Michelle Drolet

Our own Michelle Drolet featured in Fierce CEO’s “Special Report Women CEOs on Blazing a Trail to the Top: Part 2” What does it take to reach the chief executive post? Being direct about what you want, for one. “If women want the brass ring, they should try to grab it,” says Jennifer Keough, CEO of

leadership team img1

Michelle Drolet

A look at some options for keeping tabs on your staff and the possible pros and cons. Securing your data in the digital age is very challenging, but it has never been more necessary. We just looked at the hair-raising cost of a data breach in 2018 and we know that employees are often the weakest

leadership team img1

Michelle Drolet

Learn about best practices to combat the threat of ransomware There have been some seriously nasty ransomware attacks in the last few years. From Petya to Wannacry to the SamSam attack on health record company Allscripts just last month, ransomware has been wreaking havoc across the world. Global ransomware damages exceeded $5 billion last year, up from $325 million in

leadership team img1

Michelle Drolet

Click Here to Watch the Webinar Now >   About the Webinar The deadline for the new European General Data Protection Regulation (GDPR) is four months away, and it is likely to affect most companies around the world in one way or another – even ones not based in Europe. Join our friends from Sophos

leadership team img1

Michelle Drolet

10) Data breaches. Nearly 5 million data records are lost or stolen worldwide every single day, or 58 records every second. According to an IBM report, the average cost of a data breach is $7.3 million. 9) Machine learning will play a bigger role in cybersecurity. Because the battle against cyber criminals moves so rapidly,

leadership team img1

Michelle Drolet

58 data records are stolen every second at an average cost of $141 each. Trading in intellectual property and personal data is so widespread that someone invented a calculator that can estimate the potential harm to your own business. Nearly 5 million data records are lost or stolen worldwide every single day, according to the

leadership team img1

Michelle Drolet

Countdown to GDPR: Get the Competitive Edge Webinar featuring Sophos, Twinstate and Towerwall When: Wednesday, January 24, 2018 12:00 – 1:00 PM EST About the Webinar The deadline for the new European General Data Protection Regulation (GDPR) is four months away, and it is likely to affect most companies around the world in one way

leadership team img1

Michelle Drolet

Policies and software are not enough to secure your data, staff must be regularly trained. Your organization might have the most robust security program in the world. You may have stringent policies, and the latest and greatest security software tools. You might think your data is safe, but if your employees don’t have the right

leadership team img1

Michelle Drolet

Towerwall & Darktrace Dinner Seminar Hosted by Towerwall When: Wednesday, January 17, 2018 6:00 PM to 8:00 PM Where: Il Capriccio 888 Main St, Waltham, MA 02453 To Register: Contact Kelley Gallo atkelleyg@towerwall.com About DarkTrace Darktrace is the world’s leading machine learning company for cybersecurity. Created by mathematicians from the University of Cambridge, the Enterprise

leadership team img1

Michelle Drolet

Join us for our next InfoSec at Your Services Meetup: “ARMIS IoT Security” Hosted by Michelle Drolet When: Thursday, January 11, 2018 6:30 PM to 8:00 PM Where: Skyboxx, 319 Speen Street, Natick We will discuss: Internet of Things – IoT – the latest buzzwords conjour up images of toasters and refrigerators being controlled by

leadership team img1

Michelle Drolet

It may be possible to glean valuable security insights by monitoring the dark web. Although awareness of the importance of cybersecurity is spreading, the number of successful cyber-attacks continues to grow with every passing year. Globally, almost 1.9 billion data records were compromised in the first half of 2017, up 164% compared to the last

leadership team img1

Michelle Drolet

Skills shortage is making shift to continuous appsec testing challenging. While application security (appsec) is firmly on the radar, most organizations still have a way to go before they can be confident about how secure their apps are. Devops is accelerating the speed of development and, coupled with the shift to the cloud, it’s creating

leadership team img1

Michelle Drolet

Click here to watch our latest webinar from our “Lunch with a vCISO” series >  

leadership team img1

Michelle Drolet

New challenges and threats will face IT departments in the year ahead. As we stand on the threshold of another year, the war for our cybersecurity rages on. There have been many data breaches in 2017, most notably for Equifax, Verizon, and Kmart. But if you seek a silver lining in the cloud, perhaps you’ll

leadership team img1

Michelle Drolet

Today we’d like to introduce you to Michelle Drolet… Thanks for sharing your story with us Michelle. So, let’s start at the beginning and we can move on from there. As founder of Towerwall, I have to say my proudest moment was when I sold my company and then… I rebought it! I remained active

leadership team img1

Michelle Drolet

Join us for our second live webinar: Second Nature Security: More Secure Networks through Behavior Modification, Security Awareness and Training Wednesday, December 13, 2017   |   12:00 PM EDT – 1:00 PM EDT Join us for a vCISO roundtable discussion featuring: Michelle Drolet, Founder & CEO of Towerwall Greg Neville, vCISO & Sr. Security

leadership team img1

Michelle Drolet

The NIST Cybersecurity Framework (CSF) provides a set of computer security policies and guidelines for how organizations can assess and improve their ability to prevent, detect, and respond to cyber-attacks.

leadership team img1

Michelle Drolet

Deep learning can be a vital supplementary tool for cybersecurity. The meteoric rise of malware has put us all at risk. We are engaged in a never-ending race with cybercriminals to protect systems, plug gaps, and eradicate vulnerabilities before they can gain access. The front line grows by the day as we share more data and employ

leadership team img1

Michelle Drolet

Coming to a future near you: software code that mutates and evolves. We often talk about computer systems and information security in biological terms. Threats and defenses evolve, viruses run rampant, and machines learn by emulating the neural networks in our brains. Cybersecurity is an endless war between attackers and defenders, just as biology is

leadership team img1

Michelle Drolet

The headline-making Equifax data breach was one of the worst ever. Equifax exposed approximately 143 million consumers, but did not notify any of them. This data breach exposed vital information, such as driver’s license, credit cards, social security numbers, addresses, and birth dates. According to the Ponemon Institute, which conducts independent research on privacy, data

leadership team img1

Michelle Drolet

Why you need to go beyond compliance. Businesses will continue to face a ton of cyber threats, some of which will impact organizations severely enough to require security measures that will reach far beyond compliance. A Ponemon Institute study showed that the average compromised record cost approximately $194 per record. Loss of business due to

leadership team img1

Michelle Drolet

You already know how important it is to be HIPAA compliant. A lot of businesses, including registered marijuana dispensaries, get confused about the requirements, when it comes to dealing with protected health information. It can get a little fuzzy, if you’re not privy to the big picture. The Health Insurance Portability & Accountability Act was

leadership team img1

Michelle Drolet

Thanks to all who joined us at the Worcester Business Journal’s IT Forum. We hope that you found the event informative.   The following is some post event information that we thought would be helpful. CLICK HERE to take our event survey. Please take a moment to complete this survey. Your feedback is important to

leadership team img1

Michelle Drolet

Did you know that 74% of employees say their job is more fulfilling when they are provided opportunities to make a positive impact at work? Towerwall is proud to be a sponsor of Foundation for MetroWest’s 2017 Community Leadership Breakfast. The Breakfast is one of MetroWest’s key events of the year: it gives corporate decision makers

leadership team img1

Michelle Drolet

Any breach of the General Data Protection Regulation could lead to severe fines. The General Data Protection Regulation (GDPR) went through four years of preparation and debate before being passed by the EU parliament last year. Strict GDPR requirements lay out how companies should process, store, and secure the personal data of EU citizens. The enforcement date

leadership team img1

Michelle Drolet

Date: October 25, 2017 Time: 3:00pm-6:30pm Location: DCU Center 50 Foster Street, Worcester Single Ticket Rate: $40.00 Register Today > Please join us and presenting sponsor Echostor and NetApp for this special forum for CIOs, CISOs, CTOs, senior IT leaders and business owners from all industries. Connect and collaborate with some of the area’s top experts on relevant and timely business technology issues and

leadership team img1

Michelle Drolet

Happy National Cyber Security Awareness Month! Kick off October with our recent Lunch with a vCISO webinar “Do You Know Your Risk Tolerance – The Role of a vCISO.” Listen Now >  

leadership team img1

Michelle Drolet

Companies must respond to data breaches properly to limit the damage. Unfortunately, Equifax did not. There have been some very high-profile data breaches in the last few years, but the latest disaster to hit the headlines concerns one of the largest credit bureaus in the United States. It’s estimated that the Equifax data breach exposed 143 million consumers, with

leadership team img1

Michelle Drolet

Join Sophos CEO Kris Hagerman and SVP Dan Schiappa at the Revere Hotel in downtown Boston to learn more about the latest development in Sophos’ innovative approach to endpoint protection. Seating is limited; reserve your seat today to discover: Sophos’ vision on the future of cybersecurity, direct from our CEO and SVP of Products How

leadership team img1

Michelle Drolet

Wednesday, October 11, 2017 6:00 PM to 8:00 PM Skyboxx 319 Speen Street, Natick, MA Despite record investments in cyber security technology, the data continues to paint a bleak picture: 91% of breaches start with spear phishing 146 Days – the average time to identify a breach 82 Days – the average time to contain

leadership team img1

Michelle Drolet

WELLESLEY HILLS, MA (September 20, 2017) – Massachusetts Bay Community College is pleased to announce it has received a generous donation of $10,000 from this year’s annual Information Security Summit to support student scholarships in the field of cyber security. The Information Security Summit, held each year on MassBay Community College’s Wellesley Hills campus, was

leadership team img1

Michelle Drolet

The need for continuous monitoring, effective metrics and skilled workers. The laudable aim of the National Institute of Standards and Technology (NIST) is to build a common language through a set of best practices and security principles that any organization can apply to combat cybercrime. We’ve looked at what NIST’s Cybersecurity Framework can do for you.

leadership team img1

Michelle Drolet

Each session will provide unprecedented access to the industry’s top Virtual Chief Information Security Officers and cover critical issues in the field. The interactive series will cover a variety of topics, such as aligning information security policies with your firm’s culture and how to prepare for an audit. Attendees will be given the opportunity to

leadership team img1

Michelle Drolet

Diving into NIST Special Publication 800-53 for practical advice. We’ve already laid out a broad overview of what NIST’s cybersecurity framework can do for you, so today we’re going to drill into Special Publication 800-53. Published by the National Institute of Standards and Technology, and based on important research from the Information Technology Laboratory, this publication offers

leadership team img1

Michelle Drolet

Medical marijuana, like any controlled substance, requires a strong system of identifying patients properly. As the industry matures, the federal government has increasingly been more involved in enforcing ever more stringent laws and regulations on medical marijuana dispensaries. While it is easy to dismiss this if you’re running your business on a strictly cash-only basis,

leadership team img1

Michelle Drolet

Practical advice to help you build a solid InfoSec plan The risk of your business falling victim to cybercrime has never been higher. Despite a seemingly endless parade of high profile data breaches, ransomware attacks, and phishing scams, many organizations still lack the necessary defenses to identify, prevent, or recover from an attack. The trouble

leadership team img1

Michelle Drolet

Over the last few years we’ve observed the steady rise of ransomware with some trepidation. It is fast becoming a multi-million dollar business, and it’s getting surprisingly sophisticated. The ransomware industry is continually innovating, offering cybercriminals new technology, various business models, and all the support they need to conduct successful attacks on unsuspecting individuals and

leadership team img1

Michelle Drolet

Canna Care Docs is a dynamic company specializing in cannabinoid therapies. Canna Care Docs hired Towerwall to assess their effectiveness in protecting sensitive information such as patient health information and employee personal information from security breaches.

leadership team img1

Michelle Drolet

Canna Care Docs is a dynamic company specializing in cannabinoid therapies. Canna Care Docs hired Towerwall to assess their effectiveness in protecting sensitive information such as patient health information and employee personal information from security breaches. Click here to read the Case Study >  

leadership team img1

Michelle Drolet

This eBook is a quick start guide for financial institutions who are interested in Banking Cannabis. It covers: the Cannabis Outlook on a national and state level, who is banking cannabis today, the problem with banking cannabis today and how Towerwall can help.

KelleyGallo

Kelley Gallo

Thanks to all who attended and sponsored our 2017 Information Security Summit. It was a great turnout where we discussed a number of issues and threats facing InfoSec today. We were happy to see attendees share ideas and continue the discussion online with #summitbuzz17 Here are some of the topics discussed at this year’s summit:

leadership team img1

Michelle Drolet

10) Always lock your screen. Unlocked phones are always going to dangerously accessible. The first line of defense is a PIN, password, pattern or a biometric measure like your fingerprint. 9) Only install trusted apps. Apps should only ever be installed from official app stores, or your enterprise app store, to reduce the risk of

leadership team img1

Michelle Drolet

Please join us for the The ISSA New England Chapter’s 2017 Sponsor Expo Wednesday, August 2, 2017 from 8:00 AM to 4:30 PM EDT Verizon Labs 60 Sylvan Rd Waltham, MA 02451 You are invited to ISSA, New England Chapter’s Annual Sponsor Expo and Chapter Meeting. Compete in the Security Bee (questions from the CISSP exam)

leadership team img1

Michelle Drolet

We need to make sure the highly regulated world of cannabis business knows how to protect its data, customer and otherwise, yet also control access to it without too much hassle. As an insurgent breed, hackers are savvy and will seek out the path of least resistance. When your defenses are good, the weak link

leadership team img1

Michelle Drolet

“Those within cyber security circles know ransomware has become a lucrative billion dollar business for an army of cybercriminals…It’s time you learn about the tricks and trade of cybercriminals and how their threats are constantly evolving.”– John Shaw, Vice President, Enduser Security Group, Sophos Please join Towerwall and Sophos for an exclusive lunch and learn.

leadership team img1

Michelle Drolet

After the recent wave of WannaCry ransomware attacks, managed service providers said the key takeaway they are bringing to customers going forward is the importance of proactive security. “Our whole stance is around proactive security. When you have proactive [security], WannaCry is not going to have an impact,” said Michelle Drolet, CEO of Framingham, Mass.-based

leadership team img1

Michelle Drolet

The legal regime for cannabis is a highly fractured one in the U.S. As of today, we’re approaching the legalized use of either recreational or medicinal marijuana in 30 states with eight states and the District of Columbia nearing full recreational use. Five states in the country continue to ban any use of cannabis, including

leadership team img1

Michelle Drolet

Everything you need to know to stop ransomware. Please join Towerwall and Sophos for an exclusive lunch and learn to learn how to stop ransomware cold. You’ll find out about: Polymorphic Malware What is Next Generation Malware How does a ransomware attack happen? 9 best security practices to apply NOW! June 28, 2017 | 12:00

leadership team img1

Michelle Drolet

BOSTON – May 15, 2017 – Towerwall (www.towerwall.com), a data security services provider for small to mid-size businesses, today announced that CRN®, a brand of The Channel Company, has named Michelle Drolet, Towerwall founder and chief executive officer, to its list of 2017 Power 30 Solution Providers, an elite subset of its prestigious annual Women

leadership team img1

Michelle Drolet

Channel partners can make arguments for the integrated security suite and the best-in-class point product method, but the decision ultimately rests on a customer’s specific needs.   “Security is not one-size-fits-all, so it depends on the type of organization and what their risk tolerance level is,” said Michelle Drolet, CEO at Towerwall Inc., a data

leadership team img1

Michelle Drolet

10. Freely hackable Free public Wi-Fi connections are treated like a public utility, but they can be making you vulnerable to hackers. 9. Sign me up By default, most mobile phones/devices are set to ask your permission to join a network. Once you obtain credentials, the known network will join your phone automatically. 8. Sniffing

leadership team img1

Michelle Drolet

Michelle Drolet and the Towerwall team will be attending the 36th Annual New England Bank Technology + Retail Banking Conference and Exhibit, on Friday, May 19th at the DoubleTree in Danvers, MA. Stop by Booth 27 where we will be discussing: FinTech Security Challenges Topics include: Today’s top security threats and how to stay safe Identifying

leadership team img1

Michelle Drolet

User behavior analytics sniffs out anomalies in users’ actions and alerts IT security teams of suspicious behavior The theft of unstructured data is extremely common. It can be very difficult to safeguard emails and files when a lot of people have access. Even the CIA is not immune, judging by the recent exposure of its

leadership team img1

Michelle Drolet

AlienVault recently announced a new addition to the AlienVault training portfolio: Incident Response for USM Appliance Analysts, a two-day course that we will start delivering Live and Online in May. AlienVault has had *many* requests from customers and MSSPs for training focused on the analysis of threats identified by the USM Appliance. This course provides

leadership team img1

Michelle Drolet

Security is taking a backseat as more and more devices connect to the internet The tech world moves at a tremendous pace, unleashing wave after wave of innovation intended to improve our everyday lives. Many new devices, from security cameras to fridges, or TVs to baby monitors, are now internet connected. This affords us remote

leadership team img1

Michelle Drolet

In order to stay ahead of threats, you need to know what to watch out for. This great article: Fraud Speak — Learn the Lingo to Beat Scammers > breaks down and defines hacker lingo. Stay informed, stay ahead, stay safe.

leadership team img1

Michelle Drolet

Join us for our next InfoSec at Your Services Meetup: “7 Secrets of Offensive Security” by Gary Miliefsky   When: Thursday, April 6, 2017 6:30 PM to 8:00 PM Where: Skyboxx, 319 Speen Street, Natick Host: Gary Miliefsky Meet Gary > We will discuss: The 7 Secrets of Offensive Security. With all the breaches happening in

leadership team img1

Michelle Drolet

Back when Apple was the plucky young upstart that dared to be different, the Mac was the machine for creative types and there was a perception that it wasn’t a target for hackers because of its cultural cool factor. You would expect the same rules to apply to the legalized marijuana market, but a major

leadership team img1

Michelle Drolet

Anatomy of a national point-of-sale breach and takedown of 1,000-plus marijuana dispensaries Back when Apple was the plucky young upstart that dared to be different, the Mac was the machine for creative types and there was a perception that it wasn’t a target for hackers because of its cultural cool factor. You would expect the

leadership team img1

Michelle Drolet

10) Change your password. If you’ve been using the same password for a long time, then it’s time to change it. You should not only change your passwords regularly but not use the same one for every app or website. Try to use more than 13 characters. 9) Turn off wireless connections. When you aren’t

leadership team img1

Michelle Drolet

Cumberland County College invites regional decision-makers to hear Google’s Executive Leadership Coach Steve Vinter and Towerwall’s Michelle Drolet at the college’s 2017 Business Leaders’ Summit. Click here for more information >

leadership team img1

Michelle Drolet

What you need to know to defend against targeted attacks. The threat of a targeted attack for any business is real and substantial. It’s vital to ensure that your organization can identify constantly evolving threats, find abnormal and suspicious activity, and take effective action to keep your data safe. Consider that, on average, attackers are

leadership team img1

Michelle Drolet

Click here for more information & to register! Please save the date and plan to  join us for this timely forum on what you need to know about the latest security issues, threats, and technologies that will help you protect your business!

leadership team img1

Michelle Drolet

10) Adult use A key legislative issue for both opponents and supporters. Only those 21 and over can legally consume, possess and grow marijuana. Some legislators are advocating for a higher age limit. 9) Possession Massachusetts residents can now legally possess up to 10 ounces of marijuana in their primary residence. 8) Growing Massachusetts residents

leadership team img1

Michelle Drolet

Fresh and familiar threats to concern IT departments. As we embark on 2017, it’s time to reflect on a year where cybersecurity has played a major role. Even presidential campaigns haven’t been free from hacking scandals and data leaks. The average cost of a data breach for companies grew from $3.8 million last year to

leadership team img1

Michelle Drolet

Our own Michelle Drolet sits down with tED Magazine to discuss what security measures companies can take to protect their data. Read the full article >

leadership team img1

Michelle Drolet

We need to secure the internet of things. The internet of things (IoT) is all about connecting devices to the internet so that they can talk to each other and to us, to make life more convenient. That might mean turning on the lights when we get up, or allowing us to use our phones

leadership team img1

Michelle Drolet

The Silicon Review has declared SnoopWall is One of the 50 Fastest Growing Tech Companies for 2016. SnoopWall, Inc. delivers breach prevention technology that helps small to medium size enterprises (SMEs) get one step ahead of the next cyber-criminal, malicious insider, phishing attacks, ransomware or zero-day malware behind the corporate firewall. Customer adoption and growth

leadership team img1

Michelle Drolet

Great turnout this year at Worcester Business Journal’s Outstanding Women in Business Awards Our own founder and CEO Michelle Drolet was voted among six other local business leaders as “2016 Outstanding Women in Business” by the Worcester Business Journal. “The winners were selected on their career achievements, ability to transcend both male- and female-dominated professions,

leadership team img1

Michelle Drolet

Join us for our next InfoSec at Your Services Meetup: “Staying on Top of Your Info Sec Game” by Candy Alexander   When: Thursday, January 19, 2017 6:30 PM to 8:00 PM Where: Margaritas Mexican Restaurant 725 Cochituate Rd , Framingham, MA Host: Candy Alexander Meet Candy > We will discuss: As you’ve probably heard,

leadership team img1

Michelle Drolet

Find out how to prepare for new EU legislation on data collection and security In 2012, the European Commission proposed new regulations on data protection that would supersede the national laws of the 28 EU member states. It was formally approved in April this year, and it will go into effect May 25, 2018. This

leadership team img1

Michelle Drolet

Company among top 20 recognized for their IT security leadership and innovation BOSTON – November 15, 2016 – Towerwall (www.towerwall.com), a data security services provider for small to mid-size businesses, today announced that Cyber Defense Magazine has named Towerwall a “Cyber Security Leader for 2016.” Towerwall was among the top 20 companies to receive the

leadership team img1

Michelle Drolet

The key to securing against this threat lies in a common metaphor—if a ship has a hole, it is better to patch the breach than bail the water Data breaches are increasingly becoming an expensive problem for more and more companies. According to the most recent Ponemon Institute Data Breach report, insecure data cost companies

leadership team img1

Michelle Drolet

Michelle Drolet, CEO of Towerwall in Framingham, is an innovative thinker. Never one to shy away from looking at new factors that come into a situation with an open perspective, she has a few things she’s learned about good management and good leadership along the way. First, she delegates more. “When I first started, it

leadership team img1

Michelle Drolet

The average cost of a data breach involving fewer than 10,000 records was $5 million The American public has become so inured to data breaches that it’s difficult to remember them all. Infamous breaches like the ones at Target and Sony become almost forgettable when confronted with the recently disclosed half-billion accounts compromised at Yahoo

leadership team img1

Michelle Drolet

This year’s winners represent “the best of what professionals in the region can be” BOSTON – October 25, 2016 – Towerwall (www.towerwall.com), a data security services provider for small to mid-size businesses, today announced that its founder and CEO Michelle Drolet was voted among six other local business leaders as “2016 Outstanding Women in Business”

leadership team img1

Michelle Drolet

We are honored to be named a Cyber Security Leader 2016 by Cyber Defense Magazine We are excited to share the list other worth leaders in cyber security. Click here to see the full list of winners. Click here to read the latest edition of Cyber Defense Magazine > For nearly 25 years, our dedicated

leadership team img1

Michelle Drolet

Thank you to all who attended our inaugural InfoSec at Your Services Meetup! We discussed current and emerging issues, best practices and challenges facing information security and cyber security leaders across all industries. Stay tuned for more upcoming InfoSec Meetup events.

leadership team img1

Michelle Drolet

Healthcare providers have always been attractive targets for data breaches. Why? The value of a health record is high. According to Reuters, health records are 10 to 20 times more valuable than credit card numbers. Rather than stealing health records and trying to sell them on the black market, cybercriminals are using ransomware to turn a much quicker profit.

leadership team img1

Michelle Drolet

Last week we hosted an informative webinar on today’s ransomware threats with our security partner Sophos. Watch a recording of the webinar below. I am sure you are seeing the explosion of ransomware in the headlines. Businesses of every size are targets and analysts estimate ransomware is on pace to be a $1B/year crime in

leadership team img1

Michelle Drolet

10) Nothing hazy about the laws Marijuana (or cannabis) is one of the most highly regulated industries in the world, and Massachusetts has the strictest rules governing its production, retailing, grow, testing and security operations. 9) You can be raided. Marijuana businesses must comply with federal, state, city and county regulations and requirements. Despite medical-use

leadership team img1

Michelle Drolet

Join us for our inaugural InfoSec at Your Services Meetup!   When: Wednesday, October 19, 2016 6:30 PM to 8:00 PM Where: Margaritas Mexican Restaurant 725 Cochituate Rd , Framingham, MA We will discuss: Risk Communication Strategy – This biggest risk is the uncommunicated one. Hoarding knowledge doesn’t make you the smartest person in the

leadership team img1

Michelle Drolet

Check out one of the upcoming complimentary partner webinars:   Brute Force Attacks: Keeping the Bots at Bay with AlienVault USM Tuesday, October 11th 10:00am CST / 4:00 PM BST Hosted by AlienVault Brute force attacks are relatively simple for attackers to implement and they can wreak havoc on your organization if you don’t detect

leadership team img1

Michelle Drolet

Stay vigilant, plan your response and test your defenses with CIS Controls 18, 19 and 20 This is the final entry in our series on the 20 Critical Security Controls devised by the Center for Internet Security (CIS) as best practices to help the public and private sectors tighten their cybersecurity. We started down the

leadership team img1

Michelle Drolet

Wednesday, October 12, 2016 11:00 AM – 12:00 PM EDT Hosted by Towerwall and Sophos I am sure you are seeing the explosion of ransomware in the headlines. Businesses of every size are targets and analysts estimate ransomware is on pace to be a $1B/year crime in 2016. Sophos Intercept X is their newly released

leadership team img1

Michelle Drolet

We are honored to share that our blog was named as a Top Computer Security Blogs 2016 by CreditDonkey. CreditDonkey sites: “Business owners who want the latest information on the world of digital security will appreciate this blog’s straightforward approach to news and advice.” We are excited to share the list with some of our security

leadership team img1

Michelle Drolet

The NSA should disclose all zero-day exploits. But it doesn’t. To say the National Security Agency (NSA) prefers to lay low and shuns the limelight is an understatement. One joke said about the secretive group, widely regarded as the most skilled state-sponsored hackers in the world, is NSA actually stands for “No Such Agency.” But

leadership team img1

Michelle Drolet

WELLESLEY HILLS, MA (August 2016) – Massachusetts Bay Community College is pleased to announce it has received a generous donation of $5,000 from this year’s annual Information Security Summit to support student scholarships in the field of cyber security. The Information Security Summit, held each year on MassBay Community College’s Wellesley Hills campus, was established

leadership team img1

Michelle Drolet

With all the breaches happening in the news, isn’t it time you get one step ahead of the next threat? Get proactive and learn these secrets before you become the next victim.

leadership team img1

Michelle Drolet

When is the right time to rent yourself a CISO? The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety—and a widening gap in the skills required to identify and combat them. Having someone who knows how to lead the charge in identifying and analyzing threats, creating strategic security plans and

leadership team img1

Michelle Drolet

7 Secrets of Offensive Security Please join us for a complimentary Lunch & Learn session. Tuesday, August 16 11:00 am – 1:00 pm EST Sheraton Framingham Hotel, Framingham, MA *EARN CPE CREDITS In this session you will learn: The 7 Secrets of Oensive Security. With all the breaches happening in the news, isn’t it time

leadership team img1

Michelle Drolet

Stay on top of account management and assess staff security skills with CIS Controls 16 and 17 You can have the most secure system in the world, but hackers will always seek out the path of least resistance. When your defenses are good, the weak link is often your employees. Data breaches are most likely

leadership team img1

Michelle Drolet

OXFORD, U.K., July 19, 2016 – Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced Sophos SafeGuard Encryption 8, a new synchronized encryption solution that protects data against theft from malware, attackers or accidental leaks. All organizations can now choose to adopt the best practice of “always-on” file-level encryption to protect

leadership team img1

Michelle Drolet

Ensuring overall compliance with strict regulations is the next growth opportunity. Whatever you think of it, marijuana is here to stay and coming to full legalization in a state nearest you. Controversy follows cannabis into every branch of society: political, cultural, science, health, education, legal and finance. A quick search on YouTube will show heartbreaking

leadership team img1

Michelle Drolet

Towerwall & SnoopWall Complimentary Webinar: Breach Prevention & Near-Term ROI Tuesday, July 26 11:00am – 12:00pm EST Register Now > Today’s hyper-aggressive cyber landscape finds 40% of organizations are breached and the threat of regulatory and compliance fines are impacting productivity and business operations. 95% of these breaches occur behind firewalls on antivirus protected endpoints.

leadership team img1

Michelle Drolet

Thanks to all who attended and sponsored our 2016 Information Security Summit. It was a great turnout where we discussed a number of issues and threats facing infosec today. We were happy to see attendees share ideas and continue the discussion online with #summitbuzz16 Here are some of the topics discussed at this year’s summit:

leadership team img1

Michelle Drolet

Failing to take basic security precautions with website passwords puts your data at risk Do you remember back in 2012 when LinkedIn was hacked? Around 6.5 million user passwords were posted on a Russian blog. There was a mandatory password reset for affected users, and LinkedIn released a statement advising people to enable two-step verification

leadership team img1

Michelle Drolet

Make sure the Internet of Things isn’t a route for hackers to get into your home or workplace As more and more Internet-connected devices find their way into our homes and businesses, it’s important to remember that they represent a security risk. The Internet of Things (IoT) is growing rapidly, and in the rush for

leadership team img1

Michelle Drolet

Higher education institutions are a prime target for cybercriminals, and IT needs resources to prevent attacks and provide a proper level of security No industry or sector is immune to data breaches, but some are targeted more often than others. Education came ahead of government, retail and financial sectors, and it was second only to

leadership team img1

Michelle Drolet

Your company’s data is its crown jewels, and you must protect it all times. CIS Controls 13, 14 and 15 will help you. Earlier we delved into disaster recovery and network security. Now it’s time to take a look at Critical Security Controls 13, 14 and 15, which cover data protection and access control. The Critical

leadership team img1

Michelle Drolet

We will be attending, sponsoring and hosting the following InfoSec events this Spring / Summer. Join us!   Security BSides Boston 2016 Saturday, May 21 2016 Security BSides is the first grass roots, DIY, open security conference in the world! Security BSides is a great combination of two event styles: structured anchor events and grass-roots

leadership team img1

Michelle Drolet

10. Backup files every night. If you can access yesterday’s files, then there is no need to pay to unlock them today. 9. Patch automatically. Make sure operating systems software on all devices (phones, tablets, laptops) and browsers are patched automatically with security updates. 8. Update software. Make sure your endpoints and network devices are

leadership team img1

Michelle Drolet

Is your organization safe from all these connected devices? Wearables are rapidly invading the workplace in much the same way that smartphones did. Fitness trackers, smartwatches, head-mounted displays and other new form factors are beginning to capture the public imagination. Sales of wearable electronic devices topped 232 million in 2015, and Gartner forecasts they’ll rise

leadership team img1

Michelle Drolet

How security researchers and programmers hunt software bugs for cash rewards The business of bug hunting is a potentially lucrative one for both seasoned security researchers and amateurs with an interest in hacking. It’s an area that’s gaining legitimacy thanks to official bug bounty programs and hacking contests, but there’s still a seedy underbelly that

leadership team img1

Michelle Drolet

Watch out for April Fools scamming on Friday by Kevin Frey Annually, businesses and organizations often put up jokes or pranks for April Fools’ Day. Google, Starbucks, Amazon, etc. are frequent participants. E.g. Last year, Amazon revamped their site to look their old, original 1999 version… and Google (known for multiples) turned its “Maps” app

leadership team img1

Michelle Drolet

Complacency in addressing known vulnerabilities puts users at risk If you have even a passing interest in security vulnerabilities, there’s no chance that you missed the news about the DROWN vulnerability. It’s one of the biggest vulnerabilities to hit since Heartbleed, potentially impacting a third of all HTTPS websites. By exploiting the obsolete SSLv2 protocol,

leadership team img1

Michelle Drolet

According to Cisco’s 2015 Annual Security Report, 91 percent of companies have an executive with direct responsibility for security, but only 29 percent of them have a Chief Information Security Officer. The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety, and a widening gap in the skills required to identify

leadership team img1

Michelle Drolet

Click here for more information & to register! Please save the date and plan to  join us for this timely forum on what you need to know about the latest security issues, threats, and technologies that will help you protect your business!

leadership team img1

Michelle Drolet

WASHINGTON –  The Internal Revenue Service today issued an alert to payroll and human resources professionals to beware of an emerging phishing email scheme that purports to be from company executives and requests personal information on employees. The IRS has learned this scheme part of the surge in phishing emails seen this year already has

leadership team img1

Michelle Drolet

Security researchers reveal new technique to break TLS using SSLv2 server. The war to close down security vulnerabilities is never-ending, but the new “DROWN” vulnerability is one of the biggest to rear its ugly head in recent months. A group of security researchers from a number of different universities and research institutes just unveiled this

leadership team img1

Michelle Drolet

Following the Center for Internet Security’s best practices. We discussed building malware defenses the last time out, but today we’re going to focus on Critical Security Controls 10, 11, and 12 covering data recovery, secure network configuration, and boundary defense. It’s unrealistic to think that you can completely avoid cyberattacks and data breaches, so it’s

leadership team img1

Michelle Drolet

Privacy and data protection issues confront all organizations—whether you handle employee information, credit card data, sensitive financial information, or trade secrets. Securing data is a daunting task that is further complicated by cross-border transfer issues and the differences in privacy laws around the world. The team at BakerHostetler has developed a prompt and practical PDF

leadership team img1

Michelle Drolet

10. A hedge against a breach A virtual chief information security officer can serve as security consul or as an interim CISO to fill the gaps during a planned information-technology security policy review. Better to be safe than sorry. 9. High talent at low costs As a temp hire, a vCISO offers flexibility and cost

leadership team img1

Michelle Drolet

As threats evolve and grow more sophisticated, securing IT systems is more important than ever. We may welcome in the New Year with open arms, but we must also prepare for the cybersecurity threats ahead of us. The 2015 Cost of Data Breach Study from IBM and the Ponemon Institute put the average cost of

leadership team img1

Michelle Drolet

Ransomware-as-a-service, help desks, third parties — all point to a mature yet illegal enterprise undergoing serious growth. Here are tips to protect yourself and your company. Ransomware is big business. Over the last few years we’ve observed the steady rise of ransomware, with some trepidation. It is fast becoming a multi-billion dollar business, and it’s

leadership team img1

Michelle Drolet

Friday, May 20 2016 (Training) Saturday, May 21 2016 (Conference) Follow BSidesBoston on Twitter: #BSidesBOS @BsidesBoston @MicrosoftNERD Questions: help@bsidesboston.org When: Friday, May 20th, 2016, TBD (Training)Saturday, May 21st, 2016, 9am – 6pm (Conference) Saturday, May 21st, 2016, 9am – 6pm (Conference) Where: Microsoft NERD, 1 Memorial Drive, Cambridge, MA Hotel Room Block: TBD Cost: $20 (This

leadership team img1

Michelle Drolet

Online security trends continue to evolve. This year, online extortion will become more prevalent. We also expect that at least one consumer-grade IoT smart device failure will be lethal.  Ransomware will make further inroads, since the majority go unreported. China will drive mobile malware growth to 20M, and cybercrime legislation will take a significant step

leadership team img1

Michelle Drolet

10. Everything is connected. As the Internet of Things adds more and more devices to our networks, it creates more doors and windows for cyber criminals. Keep them locked. 9. Ransomware is on the rise. If you don’t want to end up paying to access your own data, then make sure that you protect it

KelleyGallo

Kelley Gallo

The ISSA of New England’s 2nd annual virtual chapter meeting will be on: Thursday, January 21 at 12:00 Noon. ( Yes, while you eat lunch you can join us online. ) Careers in Cyber Security is the theme of this meeting. The most pressing problem in security is for sure the lack of qualified people

leadership team img1

Michelle Drolet

Hacking and data breaches weren’t just the norm, but they reached far and wide, hitting victims of all kinds, from regular consumers, to government employees, and even children and cheaters. It seemed like no one was spared. The Worst Hacks of 2015…drum roll please! Israel Government Allegedly Hacks Kaspersky Lab The Massive Breach at OPM,

leadership team img1

Michelle Drolet

A “ransomware” segment was recently on NBC’s  Today featuring our security partner Sophos. To learn more about ransomware. click the thumbnail below:    

leadership team img1

Michelle Drolet

Another staple in a series examining the Center for Internet Security’s best practices. Our last article looked at applying Critical Security Controls 4, 5, and 6 to your organization, covering vulnerability assessment, administrative privileges, and audit logs. Now it’s time to move on to CSCs 7, 8, and 9. Email programs and web browsers are

leadership team img1

Michelle Drolet

The last time we looked at how Critical Security Controls (CSC) can help you build your InfoSec framework, we covered getting a handle on your software and your hardware inventories. Today, we’re going to discuss the importance of continually assessing and remediating vulnerabilities, keeping a tight control of administrative privileges, and monitoring your audit logs.

leadership team img1

Michelle Drolet

Originally posted on MetroWest Daily News. Towerwall, a Framingham-based network security and policy management company, donated $7,000 to the MassBay Foundation to sponsor student scholarships. Towerwall CEO Michelle Drolet, who is also a board member of the MassBay Foundation, presented MassBay interim president Yves Salomon-Fernandez, MassBay chief information officer Michael Lyons and MassBay vice president

leadership team img1

Michelle Drolet

How can you make sure the mobile apps you access are secure? A security profile should be at the top of the developer’s list when compiling a mobile app but that’s hardly the case. That’s a pity, because building a profile is easier to do during the dev phase. Are most mobile apps putting your

leadership team img1

Michelle Drolet

Vendors and other third parties should be treated with the same level of intense scrutiny as your own in-house risk compliance mandates. How seriously is your company treating the risk of a data breach? Have you done due diligence on all of your vendors and third-party partners? Cyberattacks can have a devastating impact in terms

leadership team img1

Michelle Drolet

by Sarah Kuranda Sophos is launching a new technology Monday that synchronizes threat intelligence and automation across endpoint and network levels. Sophos Security Heartbeat, part of the Oxford, England-based company’s new XG firewall series, links together the company’s next-generation firewall and UTM solutions with its next-generation endpoint technologies. In doing that, the company said, it is

leadership team img1

Michelle Drolet

When it comes to infosec, many of the most core basics are being overlooked. Many of the most obvious areas where security can be tightened up with little effort are being blatantly ignored. Are you doing your level best by covering the basics? Below are seven potential vulnerabilities. Most of these can be tackled without

leadership team img1

Michelle Drolet

Critical Security Controls is a set of best practices devised by the Center for Internet Security, a nonprofit dedicated to improving cybersecurity in the public and private sectors. Cyberattacks are costing businesses between $400 billion and $500 billion per year, depending on which analysts you listen to. Cybersecurity has never been a hotter topic. The

leadership team img1

Michelle Drolet

The Enterprise is at risk from malware and vulnerabilities hiding within mobile apps. You have to test your mobile apps to preserve your security. Mobile apps are ubiquitous now, and they offer a range of business benefits, but they also represent one of the most serious security risks ever to face the enterprise. The mixing

leadership team img1

Michelle Drolet

Encryption has a bad rap and far too often protection schemes are deployed foolishly without encryption in hopes of protecting data. t’s a heartache, nothing but a heartache. Hits you when it’s too late, hits you when you’re down. It’s a fools’ game, nothing but a fool’s game. Standing in the cold rain, feeling like

leadership team img1

Michelle Drolet

Encrypting data on your own might be the smartest move. For those of you old enough to remember the TV comedy series “Get Smart” featuring a spy that used his shoe for a phone, the good guys belonged to an agency called “Control,” and the bad guys were affiliated with “Chaos.” This month “Get Smart”

leadership team img1

Michelle Drolet

10. You need a WISP. A written information security policy, or WISP, is vital. Make sure there’s a person in charge of enforcing it. 9. Always encrypt data. Sensitive data, especially personally identifiable information, must be encrypted at all times, from the server, to the cloud, to a laptop or USB drive. 8. Check your

leadership team img1

Michelle Drolet

Non-compliance is a risk, and the Attorney General’s office carries a big stick for those who don’t follow the rules. If you don’t have a written information security program (WISP) in place for your business, then you could be risking data theft, legal action, and punitive fines. The law in many states now dictates that

leadership team img1

Michelle Drolet

 The “Stagefright” hole in Android – what you need to know Provided by Paul Ducklin at Sophos, Inc. The conference circuit can be a competitive arena, especially when there are multiple parallel streams. For example, back in 2010, I was at Black Hat in Las Vegas, and I attended the talk next door to the late Barnaby Jack’s now legendary

leadership team img1

Michelle Drolet

Join us at the the Fall meeting of the ISSA of New England on: Thursday, September 17, 2015 11:00 AM to 3:30 PM @Showcase Cinema de Lux at Patriot Place – Gillette Stadium, Route 1, Foxborough, MA Click here for more information on the ISSA, Speakers and Keynote topics Click here to Register   About ISSA

leadership team img1

Michelle Drolet

Are you patching quickly enough? How safe is the software you use? Do you have a system in place to identify vulnerabilities and patch them when they are discovered? How quickly do you react to vulnerability reports? There’s evidence that software vulnerabilities are on the rise, and few companies are taking the necessary action to

leadership team img1

Michelle Drolet

Cybersecurity is only as strong as the weakest link. If your organization is using third-party vendors, policing their activity is critical to cybersecurity. Few can forget the theft of 110 million customer credit cards from Target in December 2013. But not as many know how hackers gained access to such a vast amount of sensitive

leadership team img1

Michelle Drolet

Falling victim to a ransomware attack is most definitely inconvenient, but it could also serve as a wake-up call to the importance of backing up important data. You’re minding your own business, sitting at your office computer. Suddenly, a pop-up appears – with the logo of the FBI – warning that you’re under investigation for

leadership team img1

Michelle Drolet

Once again, the Information Security Summit hosted by Towerwall and MassBay was a resounding success. Hundreds of attendees and vendors participated in  diverse data security panels and networked with industry leaders and peers. The Summit opened with Michelle Drolet, CEO of Towerwall, and Shamsi Moussav, Computer Science Professor at MassBay Community College, presenting scholarships to

leadership team img1

Michelle Drolet

The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety, and a widening gap in the skills required to identify and combat them. Having someone that knows how to lead the charge in identifying and analyzing threats, creating strategic security plans and ensuring compliance, requires the right level of expertise. Many

leadership team img1

Michelle Drolet

Is Android secure enough for the enterprise? Android has a bad reputation when it comes to security, which is unfortunate because it’s the biggest mobile platform around in terms of market share. Gartner says Android claimed 80.7% of the worldwide smartphone market in 2014. We know that the BYOD trend has sparked a dramatic rise in personal mobile

leadership team img1

Michelle Drolet

For all the infosec hurdles to overcome, we can build a bright future if the enterprise can pull together. We often talk about the enormous challenges facing IT departments around the world. The consumerization of IT, driven by the BYOD trend and coupled with mobility, has given birth to a wide range of serious security

leadership team img1

Michelle Drolet

From unencrypted email to open Wi-Fi to faulty firewalls, some of the most common security threats could easily give away the entire farm. More threats emerge for IT departments every year. Cybersecurity is increasingly challenging as attacks get more sophisticated. But many core basics are still being ignored. Verizon’s 2015 Data Breach Investigations Report put

leadership team img1

Michelle Drolet

Teaching the workforce to create a heightened state of awareness. It’s time for the business world to toughen up on security. The threat from cybercriminals is pervasive. Successful attacks on financial institutions, large retailers, and even government bodies, are all too common. There’s a reason that the Worldwide Threat Assessment of the US Intelligence Community

leadership team img1

Michelle Drolet

Towerwall Founder and CEO Michelle Drolet’s latest article “Secure Your Future with a Virtual CISO” is featured in the Infosecurity Magazine. Read more below: The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety and a widening

leadership team img1

Michelle Drolet

Towerwall Founder and CEO Michelle Drolet’s latest article “Secure Your Future with a Virtual CISO” is featured in the Infosecurity Magazine. Read more below: The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety and a widening gap in the skills required to identify and combat them. Knowing how to lead the charge

leadership team img1

Michelle Drolet

Cyber risk report cites server misconfigurations as the No. 1 vulnerability. It’s often said, “There’s nothing new under the sun.” And that appears to be the case in the world of cybersecurity where hackers most often exploit known vulnerabilities to gain access to private computer files, according to HP’s 2015 Cyber Risk Report. Maintaining strong computer security,

leadership team img1

Michelle Drolet

Towerwall Founder and CEO Michelle Drolet’s latest article “Know When to Onboard a Virtual CISO” is featured in the Web Security Journal. Read more below: A virtual Chief Information Security Officer (CISO) can be an invaluable asset to your company. The virtual CISO provides your business with a person who will be in charge of the electronic

leadership team img1

Michelle Drolet

Frequently, companies don’t realize that the mobile apps they use are reason for concern. Once their data is breached, they begin to investigate. However, there are telltale signs that indicate an insecure mobile app. If you know what to look for, you may be able to avoid a catastrophic data breach. Mobile apps are everywhere

leadership team img1

Michelle Drolet

  Tips for your third-party risk management program “Home Depot said the crooks initially broke in using credentials stolen from a third-party vendor […] Recall that the Target breach also started with a hacked vendor…” — Brian Krebs, Krebs on Security In everyday business, a complex set of external relationships is commonplace. Services, infrastructure, and

leadership team img1

Michelle Drolet

The US Federal Communications Commission (FCC) on Thursday lay down 400 pages worth of details on how it plans to regulate broadband providers as a public utility. These are the rules – and their legal justifications – meant to protect net neutrality. They were passed last month, and details have been eagerly anticipated. The main gist of the lengthy document

leadership team img1

Michelle Drolet

Our Michelle Drolet is quoted in TechTarget’s article “Four ways DevOps can boost AWS security“. Read more below: Many IT teams believe security belongs to someone else. Building security into the DevOps process can be a tricky but rewarding move. Combine the “It’s not my job” belief that many IT administrators have about security tasks

leadership team img1

Michelle Drolet

Four ways to implement and maintain security testing. Cybercriminals had a fantastic time in 2014 – breaching major retailers such as Home Depot and Kmart, major financial institutions (notably JPMorgan Chase), and a slew of smaller companies. Indeed, cybercrimes are growing more common, more costly, and taking longer to resolve. Those are among the key findings

leadership team img1

Michelle Drolet

Towerwall is proud to offer our new vCISO Program. Introducing Towerwall’s vCISO Program, our unique approach to Virtual CISO. Offering three distinct partner options, our vCISO solutions are tailor fit to your organization’s security needs. Recognizing many small and mid-sized companies have security concerns, yet do not warrant a full-time position, the Towerwall vCISO Platform

leadership team img1

Michelle Drolet

secuProvided by William Gallagher Associates Insurance Brokers, Inc. News broke last week that Anthem, the nation’s second-largest health insurance carrier, was the victim of a data breach by external hackers. This breach affects both current and potentially former clients of Anthem. WGA is monitoring the situation on an ongoing basis, and here is what we

leadership team img1

Michelle Drolet

Towerwall Founder and CEO Michelle Drolet’s latest article “Bridging the Cybersecurity Skills Gap: 3 Big Steps” is featured in the InformationWeek Dark Reading. Read more below: The stakes are high. Establishing clear pathways into the industry, standardizing jobs, and assessing skills will require industry-wide consensus and earnest collaboration. There is a dangerous dearth of qualified Information

leadership team img1

Michelle Drolet

Our Michelle Drolet is quoted in NetworkWorld’s article “Are mobile apps putting your data at risk?“. Read more below: Quite often, companies don’t realize that the mobile apps they use are reason for concern. Once their data is breached, they begin to investigate. However, there are telltale signs that indicate an insecure mobile app. If you know

leadership team img1

Michelle Drolet

The funkily-named bug of the week is GHOST. Its official moniker is the less catchy CVE-2015-0235, and it’s a vulnerability caused by a buffer overflow in a system library that is used in many, if not most, Linux distributions. A buffer overflow is where you assume, for example, that when you handle a four-byte network number written out as

leadership team img1

Michelle Drolet

Please save the date and plan to  join us for this timely forum on what you need to know about the latest security issues, threats, and technologies that will help you protect your business! June 4, 2015  8:00AM – 1:00PM MassBay Community College 50 Oakland Street  | Wellesley Hills, MA 02481 Pre-registration required. Join us

leadership team img1

Michelle Drolet

Anthem, the nation’s second-largest health insurance company, is the latest target of a security breach. Eighty million customers, including the company’s own CEO, are at risk of having their personal information stolen. VPC SAN FRANCISCO – As many as 80 million customers of the nation’s second-largest health insurance company, Anthem Inc., have had their account information

leadership team img1

Michelle Drolet

As the International Consumer Electronice Show (CES) 2015 brings forth the next generation of devices to watch out for, it also opens issues of digital security. While new technologies and devices are always interesting, they also have the potential to burn consumers and vendors with risks to security and privacy. With these in mind, we picked

leadership team img1

Michelle Drolet

Our Michelle Drolet is quoted in NetworkWorld’s article “Throw your vendor under the bus after a breach? Not quite so fast“. Read more below: In everyday business, a complex set of external relationships is commonplace. Services, infrastructure, and even software live in the cloud, supplied by third parties. An organization’s value is often in the data it