User Access Audits: A Key to Secure Systems
Maintaining strict control over who accesses your systems and data is an important aspect of information security. It’s critical that you limit access to Protected Health Information, company secrets, Personally Identifiable Information, or any other sensitive data. To ensure that only the list of users who should have access to a specific system or dataset, […]
Why Every Company Needs Security Policies
The best cybersecurity programs are based on solid risk management principals. The first step is to define what you’re guarding – is it your reputation, or cash, or intellectual property, your customer data, something else? Most likely, it’s some combination of those; rarely does a company have only one asset to protect. Once you’ve determined […]
Building a Cyber Aware Culture
The importance of fostering a security-aware culture within organizations cannot be overstated. As cyber threats become more sophisticated, the traditional approach of relying solely on technological defenses is no longer sufficient. A security breach can have devastating consequences, ranging from financial losses to irreparable damage to an organization’s reputation. Employees from leadership all the way […]
Cybersecurity 101
Confidentiality One of the most common questions we get is “so, what even IS cybersecurity anyway?”. This is often paired with comments about how overwhelming it all is and an understanding that while cybersecurity is important, it’s so laden with jargon and industry-speak that a typical small business owner has no idea where to start […]
Demystifying NY Education Law § 2-d
We want to help businesses better understand what the New York State Education Department (NYSED) Law § 2-d is and what they can do to comply with it. We’ll be discussing the importance of NYSED Law § 2-d, covering Personally Identifiable Information (PII), who the law applies to, the requirements of NYSED Law § 2-d […]
Demystifying HIPAA
We want to help businesses better understand what the Health Insurance Portability and Accountability Act (HIPAA) is and what they can do to comply with it. We’ll be discussing the importance of HIPAA, covering Protected Health Information (PHI), who HIPAA applies to, the HIPAA Privacy and Security rules, as well as what the repercussions of […]
Cutting Through the Code: A Guide to Cyber Insurance
Guest post by Luke Kaltreider, Lead Account Executive at Founder Shield, with a history rich in education. Luke enjoys teaching business leaders how to get the most out of their insurance plans. Cyber threats loom larger and more sophisticated with each passing day. Understanding and navigating the complex world of cyber insurance is a must […]
Demystifying NY DFS NYCRR Part 500
Keeping customer data safe is more critical than ever, especially for financial companies. New York State has taken a big step to ensure this safety through a set of rules known as New York Codes, Rules and Regulations (NYCRR) Part 500. These rules, introduced by the New York State Department of Financial Services (NYDFS) in […]
Demystifying NIST CSF 2.0
Today we’re going to talk about the National Institutes for Standards and Technology (NIST) Cybersecurity Framework (CSF). It’s an important tool for SMB’s designed to help strengthen their defenses against these cyber risks. NIST CSF has been an industry standard, providing the baseline definition for a well-run cybersecurity program for over a decade. Just like […]
Empowering MSPs to Elevate SMB Cybersecurity with Blacksmith InfoSec
Cybersecurity continues to be a top concern for Small and Medium-sized Businesses (SMBs). Yet, the complexity leaves them unsure of how to get started and the cost means they can’t afford to be comprehensive in their approach. This leads to failure to launch or patchy coverage, which in turn leaves them vulnerable. This is where […]