Articles and Insights Compliance Corporate Tools & Insights

Why Penetration Testing Is Critical To Bolster Your Cybersecurity Efforts

By Michelle Drolet . 26 Mar 2019

The threat of a cybercriminal gaining access to your network is a constant source of anxiety. Amid all of the high-profile data breaches, businesses and organizations of all sizes have been successfully targeted by hackers who employ a wide range of different strategies. Too many companies have had to learn all about the potential cost of … Continue reading Why Penetration Testing Is Critical To Bolster Your Cybersecurity Efforts →

Articles and Insights Security Services

Deciding Between Vulnerability Scanning And Penetration Testing

By Michelle Drolet . 8 May 2014

My clients often confuse scanning and penetration testing. Organisations should be conducting both external vulnerability scans and penetration tests. If you are storing or transmitting data on the Internet, particularly sensitive data such as credit card details, then quarterly scanning is required to validate your PCI compliance. You also need to conduct a penetration test … Continue reading Deciding Between Vulnerability Scanning And Penetration Testing →

Articles and Insights

Why security professionals need to get more creative with penetration testing (and how to do it)

By Michelle Drolet . 25 Apr 2014

Criminals are evolving with their techniques for hacking and breaching corporate assets, so security managers need to as well. Here are some ways companies are going beyond standard pen testing in order to increase awareness By Maria Korolov Security professionals have long been running penetration tests against their firewalls and other security systems to find … Continue reading Why security professionals need to get more creative with penetration testing (and how to do it) →

Data Privacy Alerts

Towerwall Heartbleed Vulnerability Alert

By Michelle Drolet . 11 Apr 2014

Good Afternoon: The IT infrastructure your organization may use for day-to-day business may be vulnerable because of the Heartbleed vulnerability. Sophos a Towerwall partner has prepared a podcast of the Heartbleed vulnerability, which addresses who is likely affected, workarounds and an offer to help determine if you are vulnerable. http://nakedsecurity.sophos.com/2014/04/10/sscc-142-heartbleed-explained-patches-evaluated-apple-chastised-podcast/ If you think you may … Continue reading Towerwall Heartbleed Vulnerability Alert →

Articles and Insights

Why wasn’t healthcare.gov security properly tested?

By Michelle Drolet . 17 Jan 2014

When the healthcare.gov website was launched on Oct. 1 it didn’t take long for technical issues to hit the headlines. Americans trying to register for health care found the website unusable. There were glitches, extremely long loading times, and serious errors, but most worrying of all for anyone entrusting sensitive data to the system was the lack … Continue reading Why wasn’t healthcare.gov security properly tested? →

Articles and Insights Data Security Review Newsletter

Introducing our Quarterly Newsletter: the Data Security Review

By Michelle Drolet . 16 Jan 2014

I am excited to announce the launch of our quarterly newsletter, the Data Security Review. Each quarter I will be sharing with you what I am hearing from customers, colleagues and data security experts to keep you aware and protected. As we enter 2014, human risk is on everyone’s mind. Even with the most sophisticated … Continue reading Introducing our Quarterly Newsletter: the Data Security Review →

Articles and Insights

Establishing Security Goals

By Michelle Drolet . 8 Jan 2014

Implementing security practices in your organization’s employees’ daily work habits, and ensuring the integrity and confidentiality of information security, the goals of the Security Awareness Program are: Put information security and its importance into the forefront of your staff’s minds. Spread information security policy and awareness throughout corporate ranks. Build security awareness into the technical … Continue reading Establishing Security Goals →

Articles and Insights Security Services

How Can you Expose Targeted Attacks and Combat APTs?

By Michelle Drolet . 15 Oct 2013

Cybercriminals are employing more sophisticated techniques all the time and far too many companies and organizations still don’t have the protection they really need to safeguard their systems. The prevalence of targeted attacks and advanced persistent threats (APTs) is disturbing. The risk is that security is breached, typically through manipulation of employees using a technique … Continue reading How Can you Expose Targeted Attacks and Combat APTs? →

Articles and Insights Events & Conferences

Towerwall and the Information Security Summit highlighted in SearchSecurity.com Article

By Michelle Drolet . 7 Jun 2013

Check out Search Security’s article – “HIPAA Omnibus Rule, PPACA challenge enterprise compliance management”, where our own Natalie Kmit and the Information Security Summit 2013 are highlighted: HIPAA Omnibus Rule, PPACA challenge enterprise compliance management WELLESLEY, Mass. — For information security professionals, compliance-related tasks have often proved to be a trying yet necessary part of the … Continue reading Towerwall and the Information Security Summit highlighted in SearchSecurity.com Article →

Articles and Insights

10 Things to Know Before Creating BYOD Policy

By Michelle Drolet . 5 Sep 2012

In recent years, the work place has become more mobile than ever, and the mobile worker revolution is, in large part, the reason for the rise in Bring Your Own Device (BYOD) policies. The big idea is that through the use of cloud computing-based collaboration platforms, enterprise-class companies can save a great deal of money in IT, security and … Continue reading 10 Things to Know Before Creating BYOD Policy →

Tags

information security tips

Data Breach

security software

Security Regulations network security Security Program Mobile Security Security Services Hackers Security Alert Cloud Security security research Data Privacy cyber-attack Security Partners Application Security Big Data Mobile Apps Mobile Devices ransomware Mobile Protection malware credit card security Fractional Chief Information Security Officer (CISO) Michelle Drolet BYOD financial security Towerwall penetration testing Information Security Summit Sophos threat landscape endpoint security system Internet of Things Webinar vCISO passwords Worcester Business Journal cloud services Compliance vulnerability management Web Browser Phishing cannabis compliance Gap Assessment Virtual CISO Web Application Firewall web server Assessment IoT IoT security web users SnoopWall iPhone T-Mobile cannabis security CISO MassBay Community College meetup software updates Tablets 10 Things I Know HIPAA Web Storage Government Compliance Regulations InfoSec at Your Services Meetup Armis GDPR phishing attacks General Data Protection Regulation (GDPR) BrightTalk InfoSec at Your Services Android AlienVault Apple Encryption Microsoft Equifax Varonis Mac European General Data Protection Regulation (GDPR) IT Infrastructure NIST iOS OWASP ID Theft NetworkWorld cannabis Events Middlesex Savings Bank Wireless ISSA CannaCare Linkedin internal emails Verizon AT&T PCI medical marijuana iOS update Breach Response Cybersecurity Framework Massachusetts Candy Alexander Cryptolocker Bluetooth Heartbleed Becker College Nadir Izrael DROWN email scam software systems Banking Cannabis 2016 Outstanding Women in Business Third-party Vendor ISSA New England Yahoo Office Fortinet employee Cache Forbes Technology Council artificial intelligence FBI Smartphone Firefox Smart Device Facebook Wi-Fi Smart Home Shockwave. Internet Explorer ISACA Enterprise Establish cisco Gary Miliefsky Framingham GRC Regulated Industries WannaCry Risk Management vulnerability scanning Information Security Summit 2016 RSA Information Security Summit 2017 Wearables Information Systems Security Association (ISSA) scammers hackings Hack Boston Budget bot-infected Intercept X Gmail Security BSides Boston 2016 Internet Explorer Botnet botnets General Data Protection Regulation Training infected computer Breach Prevention BSides Boston Educate CDW infected phone Cyber Security Career Lifecycle ( CSCL ) Darktrace Ltd Mass Bay Community College password protection CyberSN password cybercrime medical cannabis two-factor authentification Cyber Security Leader for 2016 Cyber Security Leader 2016 4E Methodology Cyber Security Data breaches Cyber Defense Magazine Michael Lyons Outstanding Women in Business CryptoWall v3 Outlook Twitter Open Web Application Security Project (OWASP) Twinstate #WBJITFORUM Towerwall in the News Community Involvement Allegro MicroSystems cybersecurity trends Linux Center for Internet Security (CIS) spear phishing CEO Windows PhishMe SSL AMG Sophos Intercept X Amazon open-source software Qualys web application security quid pro quo Private Browsing OSSEC Pinterest pot dispensaries Penalties Open Source Ransomware Protection Year in Review point-of-sale breach Ponemon Institute Open DLP Ponemon Institute Data Breach Offensive Security NIST Cybersecurity Framework (CSF) zero-day private sector Project Management Professional Xerox Corporation Wireless Access Control PayPal Whitelist patch management Patch whitepaper public sector Penetration Tests Pot Compliance Public Wi-Fi WordPress phishing attack Pseudonymization protected health information (PHI) Wikipedia PIE Worcester Business Journal's IT Forum white market Pwn2Own Portables Virus ransomware-as-a-service Subject Access Request (SAR) Target U.S. Department of Health Unified Security Management (USM) Uniforms Unix Syria switches SuperCom Stealthbits Tax Unsecured Wi-Fi State regulations Starbucks Unstructured Data SSLv2 server SSLv2 UPnP SQL injection Targeted Cyberattack TCG Spear phishing emails Title II of the Communications Act Trend Mico TrendMicro Town Hall Towerwall Security Alert trends Trends to Watch for in 2018 Top Computer Security Blogs 2016 TLS Threat Intelligence TCG Network Services third-party social media plug-ins third-party partners Third Party Outsourcing third party applications The Hawaii Dispensary Alliance Texas tED Magazine TechTarget Special Publication 800-53 spambots Red Team Exercises Secure Building Securonix Veeam Vormetric Security Operations Center Security Awareness Training Program security assumptions VPN secure configurations Science and Technology Tagged With: cannabis compliance SHA1 Scholarship vulnerability Scaled Agile Framework for Enterprise (SAFe) Practitioner sandbox SamSam attack Safari routers RFID credit cards Settings Shellshock. Bash bug SPAM user behavior analytics SOX Sophos SafeGuard Encryption 8 Sony software bugs USB Social Engineering Snort Smith & Wesson smart-connected SHI smart TV User behavior analytics (UBA) smart fridge USM small to medium size enterprises (SMEs) small and midsize businesses SIMDA botnet Silicon Review Social Security Number #brainbabe NFC COSO Cube CTO CSF CryptoWall CRNtv Critical Security Controls (CSC) Critical Security Controls CreditDonkey CPEs Counterintelligence Program Corporate Security CYBER Cookies continuous data protection (CDP) Conficker Conference Compliance and Regulations Community Leadership CNBC cloud phishing CIS Controls 17 CIS Controls 16 Cumberland County College's 2017 Business Leaders' Summit cyber defense CIO data recovery capability DevOps device-to-device communications device management Department of Consumer Affairs Deidre Diamond DDoS attacks database systems data storage data recovery plan Data Protection Officer Cyber Security education Data Loss Prevention (DLP) data collection darwin defense darwin Darkode dark web Dallas cybersecurity professionals cyberattacks Cyberattack CIS Controls CIA DOM Apple Pay auditing ATM ata protection officer APT April Fools appsec application testing Application Software Security Appliance Analysts AOL authentication Anti-Phishing Working Group (APWG) Alien Vault Add-ons 3D Printing 2019 2018 2017 Power 30 Solution Providers 2017 Community Leadership Breakfast 20 Critical Security Controls #summitbuzz19 Auditing Wireless Networks Bash Chrome Cash China hack Chief Security Officer Channel Partners CFO CES Certified Web Application Penetration Tester Certified Business Continuity Professional certificates Center for Internet Security CCPA case study behavior analytics canna care California Consumer Privacy Act (CCPA) business security Bugcrowd Bro breach boundary defense boston voyager BlueBorne Big Switch disaster recovery DPO Near-Term ROI ISSA New England Chapter Meeting Kmart KISSmetrics Kismet Juniper Netwroks Juniper Java ito IT Support IT departments ISSA International Conference KrebsonSecurity ISSA International Awards Interwork #summitbuzz18 Infraguard InfoSec at your Service INFOSEC Assessment Methodology Information Systems Security Association Information Security Summit Scholarship independent testing Incident Response and Management Known vulnerabilities Legal weed IE MetroWest National Security Agency (NSA) National Institute of Standards and Technology (NIST) National Initiative for Cybersecurity Education (NICE) mobile malware Mobile Device Security Analyst MJ Freeway Misconfigurations military Microsoft NERD MassBay lingo Mass Department of Public Health Mary Shia Mark Zuckerberg’ malwarebytes Malicious software machine learning Mac OSX MaaS LSO LogRhythem Imperva identification Dr. David Podell Enforce firewalls Fingerprinting FCC Evaluate European Union European Data Protection Board (EDPB) EU legislation EU Data Protection ETag endpoint visibility Forbes Endpoint Protection endpoint detection EMV credit cards EDR eBook Series ebook eBay Drug Policy Alliance DROWN vulnerability DRIDEX botnet Flash Cookies Foundation for MetroWest IAST GovConnection human error encryption HTTPS HTTP HTML Host-based intrusion detection systems high-profile data breaches HIDS Health Insurance Portability & Accountability Act haveibeenpwned.com hacking Google Wallet Fox 25 Google GNU Bash Remote Code Execution Vulnerability Gigamon Gift Cards GHOST GDPR Fines Gartner FTG FREAK Framework Zero-day malware

Show Less

Categories

Tags