Cyber Tabletop Exercises: An Essential Tool for Keeping C-Suite Executives Informed of New Developments in Cybersecurity (7 min read)

The new cybersecurity disclosure rules from the U.S. Securities and Exchange Commission (SEC) train a spotlight on the growing material impact of cyberthreats and cybersecurity on companies and investors. Generally, the rules require public companies to promptly disclose material cybersecurity breaches and to provide annual disclosures regarding the company’s cybersecurity strategy, risk management, and governance. Under the […]

Managers and Directors Must Stay Current on Developments in Cyberthreats and Cybersecurity (5 min read)

Recently the U.S. Securities and Exchange Commission (SEC) created new cybersecurity disclosure rules for public companies. Among other things, the rules require public companies to disclose in their Forms 10-K “management’s role in assessing and managing material risks from cybersecurity threats” and “the board of directors’ oversight of cybersecurity risks.” Thus, the rules emphasize the […]

SEC Cybersecurity Disclosure Rules and Beyond: Strategic Advantages of Cybersecurity Adoption (6 min read)

The Securities and Exchange Commission’s (SEC) new cybersecurity disclosure rules, which went into effect on September 5, 2023, underscore the growing material impact of cybersecurity on business. Generally, the rules require public companies to promptly disclose material cybersecurity breaches and to provide annual disclosures regarding the company’s cybersecurity strategy, risk management, and governance. In particular, […]

Why Private Companies Should Pay Attention to the SEC’s New Cybersecurity Disclosure Rules (5 min read)

The U.S. Securities and Exchange Commission (SEC) promulgated new rules on cybersecurity disclosures, which went into effect on September 5, 2023. While private companies are not subject to these rules, as discussed below, there are several reasons why they should consider adopting these rules for their cybersecurity program. Generally, the rules require public companies to promptly disclose […]

Is Proactive Cybersecurity Worth the Cost for Small and Midsized Businesses? (54 sec read)

When it comes to cybersecurity, the most important choice business leaders face is determining which risks to address proactively, with assessments, workforce training, policy preparation, and insurance, versus which risks to address reactively, in the form of breach remediation. Recently, our security business got a call from a mid-sized company that lost $150,000 to a […]

Our K-12 Schools Need Dedicated Safety Personnel Now More Than Ever (29 sec read)

Building a staffing model that brings a part- or full-time crisis planning position into the K-12 organizational structure will better protect schools. “As schools across the country continue to struggle with increased threats of violence, we need to recalibrate our thinking about the time, resources, and specific skills required of those responsible for future school […]

Social Engineering: A Current Threat with a History Stretching Back to Ancient Greece (5 min read)

While technology is growing ever more sophisticated, the basic human emotions of greed, fear, curiosity, loneliness, helpfulness, and group solidarity stay the same over millennia. These emotions leave us vulnerable to manipulation. Indeed, we’ve been falling for scammers who use social engineering techniques to lure us into helping them achieve their unscrupulous aims since the […]

Who’s Collecting Your Employees’ Unemployment Benefits? (5 min read)

Recently, we have seen a rise in the hacking and fraudulent exploitation of HR data. In particular, the personally identifiable information (PII) of employees, stored by HR, has become a frequent target of cybercrime. While there are several ways in which PII can be used to scam both businesses and employees, one of the most […]

Anatomy of a Business Email Compromise (4 min read)

Cybercriminals steal billions of dollars from small businesses every year, and one of their favorite methods is the business email compromise (BEC), a sophisticated way to divert funds from legitimate business-to-business transfers.

A Common Example of How BEC Works

A prevalent form of BEC starts with an employee’s email account being hacked. Once inside that […]