Security Consulting (Advisory)

Cyber Playbook: How to Reverse an in-the-wild Log4J Java Class

Cyber Playbook: How to Reverse an in-the-wild Log4J Java Class

Contributed by Cody Craig, Cyber Investigator, CYDERES Threat actors have been observed dropping malicious Java Class files during Log4Shell exploitation. The sample reviewed in this post showed indication that it came from an attack that exploited the Log4Shell vulnerability via Apache in VMware Horizon. A deeper look into the capabilities and use of the malicious Java Class file observed is... Read More
February 28, 2022
Cyber Playbook: Information Technology vs Operational Technology – How to Leverage IT to Secure Your OT Systems

Cyber Playbook: Information Technology vs Operational Technology – How to Leverage IT to Secure Your OT Systems

Contributed by Chris Thomas, Senior Security Consultant, Advisory, Professional Services Information Technology (IT) primarily refers to hardware, software, and communications technologies like networking equipment and modems that are used to store, recover, transmit, manipulate, and protect data.  Operational Technology (OT), on the other hand, was born out of the need for Industrial Control Systems (ICS) to keep up with the... Read More
January 31, 2022
Cyber Playbook: How to Build a Strong Vulnerability Management Program

Cyber Playbook: How to Build a Strong Vulnerability Management Program

Contributed by Robert Herjavec, CEO & Founder A strong Vulnerability Management program is essential to a comprehensive and proactive cybersecurity program. It allows organizations to identify potential security gaps including access points that threat actors can leverage to gain entry into corporate networks and then prioritize these vulnerabilities for remediation. However, building a robust vulnerability management program can be complex... Read More
November 18, 2021
2 Years Later: How Has GDPR Impacted Your Business?

2 Years Later: How Has GDPR Impacted Your Business?

In May 2018, the European Union (EU) enacted a privacy regulation that would become a turning point for data protection and cybersecurity – the General Data Protection Regulation (GDPR). The goal of GDPR was to change how organizations conducted their data collection and storage practices. It applies to any business or individual that collects, stores, transfers, or processes personal data... Read More
June 4, 2020
WEBINAR: How Are You Securing Your Digital Transformation?

WEBINAR: How Are You Securing Your Digital Transformation?

On February 5, JR Cunningham, VP of Strategic Solutions at Herjavec Group, hosted a webinar on how organizations can secure their digital transformation directives in 2020.  As highlighted in the 2020 Cybersecurity Conversations for the C-Suite report, the top priority for any CIO or CISO will be to manage risk associated with digital transformation and enhance their cybersecurity programs in... Read More
February 7, 2020
WEBINAR: Ask HG Your Toughest Questions

WEBINAR: Ask HG Your Toughest Questions

On October 29, Herjavec Group Executive Leaders held a live, interactive Q&A webinar in order to wrap-up Cybersecurity Awareness Month. Cybersecurity is complicated so we invited a panel of three HG thought leaders to address pressing concerns that security professionals have. We collected questions over the course of Cybersecurity Awareness Month and put our experts in the hot seat. The... Read More
October 29, 2019
Protect IT: Keep Incident Response Top of Mind When Designing Your Backup and Data Log Recovery

Protect IT: Keep Incident Response Top of Mind When Designing Your Backup and Data Log Recovery

Cybersecurity Awareness Month (CSAM) is a global initiative created by the Department of Homeland Security 16 years ago to recognize the importance of digital security for consumers and organizations alike. Enterprises, employees, and end-users alike need to band together to #BeCyberSmart. Herjavec Group is proud to be a CSAM Champion! Contributed by Matt Anthony, VP of Incident Response, Herjavec Group... Read More
October 21, 2019
Herjavec Group Now Certified With EU-U.S. Privacy Shield Framework

Herjavec Group Now Certified With EU-U.S. Privacy Shield Framework

Herjavec Group is thrilled to announce that we have been certified with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce’s International Trade Administration (ITA).  The EU-U.S. Privacy Shield Framework, proposed in collaboration by the U.S. Department of Commerce and the European Commission, ensures that companies comply with data protection requirements for the transatlantic transfer... Read More
July 11, 2019
Herjavec Group Recognized as a Strong Performer on the Forrester Midsize Consulting Wave

Herjavec Group Recognized as a Strong Performer on the Forrester Midsize Consulting Wave

Herjavec Group is thrilled to announce our placement on the Forrester Midsize Consulting Wave. We have been recognized as a Strong Performer.   Herjavec Group’s strengths in privacy consulting, and assessment services (current state, social engineering, pen testing) were called out within the analysis. Herjavec Group also has a proven track record in PCI Compliance as a PCI Qualified Security... Read More
May 30, 2019
Key Conversations from the 2018 FS-ISAC Annual Summit

Key Conversations from the 2018 FS-ISAC Annual Summit

Herjavec Group recently attended the 2018 FS-ISAC Annual Summit in Boca Raton, Florida, which brought together regulated financial services firms, relevant public sector entities, and country-level banking associations for keynotes and interactive sessions around the cybersecurity challenges facing the greater financial services community. Financial institutions are consistently challenged to keep up with new and emerging technology, while managing the risk... Read More
May 30, 2018