By Judy Hatchett June 16, 2021 Up until a few years ago, people in general did not take information security very seriously. Today, the ransomware attacks, data thefts, and disruption have increased, significantly heightening the awareness of how critical information security is to an organization. All businesses, small, medium and large are investing in information security as a part of their core business. It is no longer optional, it is a “must do”. Whether you are a CISO, CSO, Director of Information Security or Manager of Information Security, you are challenged with running your information security department as a business ...
Read More

By Tina Meeker June 16, 2021 Whether you have an MBA, an undergraduate degree in business or took a DECA class in high school, you likely are familiar with The Marketing Mix (or 4 Ps) Product, Price, Placement and Promotion. In simply put marketing speak, ‘Product’ is the thing you are selling, ‘Price’ is the cost of the thing, ‘Placement’ is targeting your customers (think demographics or “target market”), and ‘Promotion’ is how you let people know the thing exists AND that they need it. According to Merriam-Webster's Dictionary, Marketing is defined as the process or technique of promoting, selling ...
Read More

By Tony Sager June 11, 2021 Have we reached the point where cyber security is a business function? Well, recent events have reminded us that a business doesn’t function without security. But our goal is not security for its own sake. Cybersecurity is not some magical end-state; it’s an essential step on the road to confidence in our business and personal decisions. The focus of cybersecurity has traditionally been on technical things - designing and building technology that embodied desirable security properties, like confidentiality, integrity, and availability. Evidence to support “trust” and confidence would be inherent in the underlying model ...
Read More

By Dr. Massoud Amin, Professor – University of Minnesota and Cofounder/Past Chairman – Cyber Security Summit with Lindsay Lien Rinholen, Attorney – OFT Food Safety & Injury Lawyers May 18, 2021 Winston Churchill said, “Never let a good crisis go to waste,” and the recent ransomware attack on Colonial Pipeline, which supplies fuel from Houston to New York, is the perfect example. Pipelines have an opportunity now to strengthen their security by improving strategies and planning to proactively curb cyber attacks. Electric utilities have been in this position and offer two important lessons in developing comprehensive cybersecurity standards. As we ...
Read More

by Chris Veltsos  May 19, 2021  Photo credit: Geneva Flower Clock (Geneva, Switzerland) by Phil Veltsos Centuries before dreaming of endless cycles of technology and business disruptions, humans dreamed of beautiful and plentiful gardens. Fast forward to 2021 and in addition to flower gardens and vegetable gardens, humans have built and grown technology gardens. Those gardens support the daily needs of organizations large and small, and enable them to compete and thrive in a global marketplace. Yet, much like regular gardens, our technology gardens suffer when we fail to properly plan, care for, and improve them. This article encourages you ...
Read More

By Christopher Buse May 19, 2021 If you ask my wife Beth, what is love? She would say that love is like the two of us walking down a quiet beach at night under the moonlight. But to me, love is all about sitting on a northern Minnesota lake with my friends catching walleyes and drinking some refreshing pale ales. Over my career as an IT security professional and a CPA, it became clear to me that risk assessments are a lot like love. The term means something different to everybody. Absent a generally accepted definition, in this article I ...
Read More

By Jerrod Montoya April 14, 2021 Recent events related to the cybersecurity of the supply chain have raised our awareness of the many shortcomings we face. Yet, there is another dark storm brewing in the distance, and the supply chain still has a blind spot – The buyer. Supply Chain Cybersecurity became a hot topic following the Target breach in 2013 and is once again front page news with the recent SolarWinds breach. Securing the supply chain is about ensuring that those providing products or services to a buyer implement reasonable cybersecurity measures as prescribed by the buyer. Note: there’s ...
Read More

By Stefanie Horvath April 12, 2021 Supply chain attacks signal who is synchronized and holds a dominant knowledge of technology – and it is not us. Each day brings another attack – each attack more insidious and obfuscated than the last. Accellion’s Legacy File Transfer Application exploitation attacks automated data transfers, taking down organizations with wildfire swiftness. The rapid progression of supply chain attacks signals that cyber criminals are far better than us at leveraging synchronization. The supply chain attacks demonstrate a considerable depth of knowledge of the technology and the companies using the technology. The Identity Theft Resource Center ...
Read More

By Sam Curry April 12, 2021 December 13, 2020, the world learned about the alleged attack by APT29, Cozy Bear, on SolarWinds and the downstream implications with potential victims stretching into the thousands. Later in early 2021, a similar style of attack leveraging Microsoft to infect still thousands more, this time with an alleged Chinese state actor as the culprit, sent a second shock wave through the security community and the world at large. Congress and the Biden Administration have held hearings and are looking at new legislation, regulation, and executive orders to try to improve security across the United ...
Read More