Thought Leadership

SEC Announces Cybersecurity Policy Enforcement #CyberAware

SEC Announces Cybersecurity Policy Enforcement #CyberAware

President Obama has designated October as National Cybersecurity Awareness Month. This week, we will be shining a spotlight on cybersecurity examinations for businesses and business owners. Herjavec Group is sharing a summary of the SEC’s latest release where the commission highlighted the six target areas for its future cybersecurity examinations. All businesses should be #CyberAware In late September, the Securities and... Read More
October 6, 2015

To Cyber-Insure, or not to Cyber-Insure…that is the Question

Steven Cohen, VP Herjavec Group Last week BitPay filed a lawsuit against insurer MBIC to recover amounts denied under a commercial crime policy. It has been reported that in December 2014, hackers were able to pull off a social engineering attack against a BitPay executive, resulting in 3 separate transfers of 5,000 bitcoins (valued at $1,850,000). This incident is particularly... Read More
September 25, 2015

How to Manage Ransomware

Matt Anthony VP, Incident Response Many organizations are victims of an emerging and surging category of malware.  Generically called ransomware, it is also known by the names Cryptolocker or Cryptowall.  Ransomware evolves and changes, but the result is the same.  You start your computer and get a message like:  “Your files are encrypted” along with an invitation to pay a ransom,... Read More
September 8, 2015

Legislative Intervention into Security Preparedness

Steven Cohen, VP Herjavec Group  Last week a US appeals court confirmed that the Federal Trade Commission (FTC) can proceed with its suit against the Wyndham hotel chain. Wyndham was accused of failing to secure customer information and prevent multiple breaches between 2008-2009. The breaches reportedly resulted in 619,000 credit card accounts being compromised and over $10million in losses. Following... Read More
August 31, 2015

Cybersecurity Awareness Training: Simple Solutions to Complex Problems

Cybersecurity is certainly topical given the number of compromises being reported in the press. As cybersecurity professionals, it can be perplexing to see organizations that focus their efforts on investments in the technology space, while often ignoring and undervaluing the investment in their own people. Many firms offer security awareness training in the form of a quick PowerPoint presentation followed... Read More
August 19, 2015

Why AV is Dead, and what to do about it.

Scott McDonald, Herjavec Group In the proverbial cat-and-mouse game of cybersecurity neither the attacker nor defender can maintain their advantage for very long.  The lifecycle of new technologies in IT is very short. But in cybersecurity that time is condensed into nanoscopic increments of obsolescence allowing new lethal threats to overtake yesterday’s sophisticated cyber defenses. Let’s take a look ‘under... Read More
August 4, 2015

Protecting the Endpoint

As security leaders we recognize that endpoint protection is critical. Over 70% of attacks occur on the endpoint and we recognize that human error still accounts for the majority of desktop breaches. The cybersecurity industry has experienced a surge in the number of endpoint protection offerings available. Offerings exist for on prem or remote endpoint protection in terms of prevention,... Read More
July 6, 2015

Evolution of the Next Generation SOC

The need for security programs to shift from tactical to strategic in focus has never been stronger. Rising threats have forced organizations to recognize the importance of a rapid response center, dedicated to network and security incidents. In the past, the separation between NOC and SOC seemed logical – NOCs were mature while SOCs were the “new kids on the... Read More
June 2, 2015

Insights on eMerge Americas 2015

eMerge Americas is an annual global idea exchange held in Miami, Florida with a focus on how technology and innovation are disrupting industries. The conference connects small, mid cap and emerging firms with global industry leaders and investors through interactive sessions, keynote and networking events. Matt Anthony, Herjavec Group’s SVP of Consulting & Remediation Services had the privilege of attending... Read More
May 14, 2015

Customized Intelligence-Based Information Security

Information security is a fast moving train, but where is it headed? The vast selection of technologies can be mind-boggling, and often the skills required to make sense of their proper use are dispersed among multiple technical groups and, at times, completely missing from an organization's skills-matrix. With this in mind, it is a wonder that intelligence modeling capabilities are... Read More
April 16, 2015