Sage Advice - Cybersecurity Blog

The role of policy is to codify guiding principles, shape and require behavior, provide guidance to those who are tasked with making present and future decisions, and serve as an implementation roadmap. An information security policy (ISP) is a directive that:

We see news of devastating cyberattacks every day in private and public organizations of all sizes. From phishing attempts, to business email compromises, to full-blown ransomware attacks, any device that’s connected to the internet is at risk for an attack.

Privacy is difficult to define, much less protect. In the business realm, data privacy is still regularly confused with data security and the titles of those charged with safeguarding it for customers vary widely. Meanwhile, many organizations continue to collect as much personal data as they can, just because they can.

In the rush to the cloud, infosec professionals struggle to translate their existing security capabilities, controls, and processes to the new environment.  One of the last processes they adapt? Incident response, said Dave Shackleford, as he kicked-off his 2019 CyberCrime Symposium presentation. A primary reason, he said, is they can’t get the same real-time visibility into events that they could in their traditional environments.

Some five years back, Don Anderson, CIO at the Federal Reserve Bank of Boston, sat down for the first time with the organization’s chief risk officer. As the IT head of one of the Fed’s 12 regional banks, he was there to provide input on risk, as part of an initiative to create an enterprise risk management framework.

For the first time in its 10-year history, the CyberCrime Symposium featured breakout sessions, a nod to past-audience requests for content tailored to different functional roles. The sessions, offered on both days of the event, comprised two separate tracks — one technical, the other on risk and compliance.

During the closing session of the 2019 CyberCrime Symposium, we heard from Tyler Cybersecurity clients and our partners at Amazon Web Services (AWS) about their experience using cloud services. Each person brought a different, but insightful perspective to the table and shared what’s been working for them (or not) in the cloud. Let’s recount the top lessons we learned from the session.

At his 2019 CyberCrime Symposium presentation, Jim Reavis saluted the audience for participating in the annual event, noting the high ratio of return attendees.

For its 10th anniversary, the CyberCrime Symposium took to the cloud, where security still concerns, confuses and confounds info-sec pros. For this year’s event, sponsored by AWS, Tyler Cybersecurity put together a stellar lineup of speakers, who took the stage to discuss the high stakes of cybersecurity in a world taken with the cloud.    

With the number of cyberattacks occurring today, it’s especially important for companies to be knowledgeable when it comes to cybersecurity best practices, how to create and nurture cybersecurity culture, and how to hunt for threats on the network. But no organization – large or small, public or private – is immune to a data breach, even with appropriate security measures in place.