Your request has been received.

Foresite Blog

Cloud Computing- Moving data to cloud does not transfer liability to protect it

Posted on September 19, 2017

It’s a common misconception that by moving to the cloud or relying on a third-party cloud service provider to process and store data that the full responsibility to protect it falls in the vendor.  Not so! The data is still your data and your potential liability. It is critical to perform due diligence when selecting cloud vendors and/or applications, and due care when moving into the cloud. Foresite provides consulting services to help vet out vendors and solutions, confirm proper configuration and insure that you are following cyber security best practices.  If your data is protected by compliance, we can…

Read More

Avoid Being the Next Equifax – Learn From Their Recent Breach

Posted on September 8, 2017

The Equifax breach just hit the news last week, and already a class action suit has been proposed, seeking $70 billion dollars in damages due to the estimated exposure of personal information of over 143 million people.  It also doesn’t help Equifax’s reputation when several executives dumped stock worth $1.8 million just days prior to the breach being made public. While details of the breach are still being confirmed, it was reportedly exploitation of a known application vulnerability that allowed access.  Why wasn’t there monitoring in place that could have triggered on unusual behavior patterns, such as exfiltration of data…

Read More

Cybersecurity 101 for C-Level and Board Members

Posted on September 6, 2017

These are difficult times for those charged with protecting data, and this challenge is especially tough for the C-Suite and Board members or even small business owners who may not have any formal training or experience with cybersecurity and compliance.   Here are the key things you need to know (or find out) about your cybersecurity, based on the National Institute of Standards & Technology (NIST) Framework.   Identify – What data does your organization transmit and/or store?  This is critical, as you need to know what types of data you have in order to know which compliance requirements you…

Read More

Upcoming compliance deadlines

Posted on August 29, 2017

Several compliances that we work with have deadlines coming up.  Here’s a quick list with links to more detailed information: 23 NYCRR 500 – The New York State Department of Financial Services regulation became effective March 31st, 2017 and applies to financial services companies, as well as their subsidiaries, affiliates and in some cases, their vendors.  Covered entities are supposed to be meeting the requirements as of 8/31/17, have until September 30th to file for exemptions, and are expected to submit their first annual attestation of compliance by February 15, 2018. NIST 800-171 – The National Institute of Standards &…

Read More

Cyber Strategy – The Frightening Truth On Where Old Operating Systems Remain

Posted on August 22, 2017

In the wake of the Paris attacks, a computer glitch that brought Orly airport to a hault may have intially seemed like the work of cyberterrorists.  But in fact, in was a glitch in an air traffic control system that is still running on Windows 3.1 – an operating system from 1992. Lest you think the French are alone, a similar incident closed airspace in London last December when a computer failure was blamed on 50 year old software.   And when Microsoft stopped supporting Windows XP this past April, it was estimated that over 500 million XP systems were still…

Read More

How to Ensure Your Company Is Protected against a Cyber Attack

Posted on August 16, 2017

With the potential attack areas for hackers to crack into your network increasing at the same rapid pace as digital transformation and pervasive technology, your company needs to become more proactive about how it approaches security threats. A cyber attack today is much more varied and unpredictable than it was in the 90s. The complexity of some attacks, too, is such that it is not enough just to respond to a breach. Ideally you want your company to anticipate and prevent as many cyber attacks as possible. This blog offers some strong strategies for assuring that your company is prepared…

Read More

WHAT IS THE BUSINESS IMPACT OF A CYBER INCIDENT?

Posted on August 10, 2017

Business leaders are being tasked to protect their organizations by proactively taking steps against cyber attacks and data breaches.  It’s important to understand the full impact of cyber crime in order to make decisions about allocating resources to combat it. The most recent figures on the average cost of a data breach put the total costs at an average of $4 million or $158 per lost record. The obvious costs include: Cyber forensics to determine what happened, how it happened, and who was affected Cost of notifying affected parties Cost to provide credit monitoring to affected parties Remediation of the…

Read More

5 Reasons You Are Likely to Fail Your Next IT Audit

Posted on August 2, 2017

These common mistakes can be the difference between failing your next IT Audit, or making it a beneficial exercise.  Not knowing your assets.  Identifying your assets ahead of time and having an updated inventory to provide your auditor will save you both headaches and having to revisit and revise reporting. Neglecting to remediate from a previous audit.  Not following through with remediating previous audit failures is sure to get the new audit off to a bad start.  If you feel you implemented a compensating control or don’t agree with the finding, be proactive in discussing that with your auditor. Don’t…

Read More

What is the business impact of a cyber incident?

Posted on July 28, 2017

Business leaders are being tasked to protect their organizations by proactively taking steps against cyber attacks and data breaches.  It’s important to understand the full impact of cyber crime in order to make decisions about allocating resources to combat it. The most recent figures on the average cost of a data breach put the total costs at an average of $4 million or $158 per lost record. The obvious costs include: Cyber forensics to determine what happened, how it happened, and who was affected Cost of notifying affected parties Cost to provide credit monitoring to affected parties Remediation of the…

Read More

What makes our ProVision solution different from other MSSPs?

Posted on July 26, 2017

Whether you are looking to implement security monitoring of your network for the first time, or you have a renewal coming up and want to explore your options, the MSSP landscape can be confusing.  Here are some key differentiators of Foresite’s ProVision solution that you may want to consider: Scalability – Gartner’s Competitive Landscape: Managed Security Services highlighted a “technical glass ceiling” in the industry.  Very few MSSPs get past the combination of 1,000 clients/5000 devices under management.  The reason?  Technical limitations of the MSSP’s platforms. Our ProVision platform was built with this in mind, and also allows us to…

Read More

Interested in what Foresite can do for you?

At Foresite, we like to consider each client’s needs individually, in order to determine the best approach to your unique requirements. So let’s talk! Contact Foresite to request a scoping call today.

Contact Foresite