
Application Security: The Skills Challenge
The Problem: Let’s face it, we have a problem. Hackers are breaching organizations’ software infrastructure and applications daily. Most of these breaches are preventable, yet they still happen in ever-growing numbers. From my experience, I don’t believe that we are investing enough in the skills of the developers who are building our software as well as the engineers who ...

Business Continuity in a Sprouting World
I’ve been spending a lot of time lately with early startups and small business owners talking about privacy and security. My previous jobs sent me into some very large enterprises to solve for some very large privacy and security concerns. One has to ask, are these two worlds so different? I’d have to say yes and no. A recent series ...

Best Breach History Resources
Where is the best website for breach data history? This has been a common question and one that everyone seems to have a personal answer to. In the spirit of Cyber Security Awareness Month, here are some good resources to consider. As breaches to our privacy continue on a daily basis, they can be hard to keep up with. These ...

The world seems abuzz about GDPR
The world seems to be abuzz about GDPR. If you’re not buzzing – you’re not in the know. People want to know what it is, who has to deal with it, when they have to take action, and where they can turn to for help. Simply put, GDPR is the European Union’s (EU) latest attempt to ensure that ...

GDPR: The Culture Challenge!
With the General Data Protection Regulation (GDPR) from the European Union (EU) nearing enforcement in May 2018, many still see it as a project. Many enterprises still see GDPR as a project and not a privacy strategy. Here are some excerpts from conversations I have had with managers about GDPR:
- “Since Safe Harbor failed we’ll see what happens with ...

Secure DevOps: AWS Instance Creation via Automation vs “Golden” AMIs
Why using automation is a better approach and more secure than using “Golden” Amazon Machine Images (AMIs): A commonly used (“best”) practice is to utilize the AWS Amazon Machine Image (AMI) service to create and store the complete contents of an application server instance running on Amazon’s AWS Infrastructure-as-a-Service (IaaS) cloud. Typically, a DevOps engineer will stand up and configure ...

GDPR: Are you Ready?
Are you ready for GDPR? Penalties, that is. The General Data Protection Regulation (GDPR) from the European Union (EU) has been announced and required for ANY company that sells to or monitors European citizens, since early 2016. GDPR is an international law that has already been enacted. This law is intended to clarify and strengthen prior privacy laws and is ...

National Cyber Security Awareness Month Week 2
October is National Cyber Security Awareness Month and in keeping with the National Cyber Security Alliance’s theme for week two, “cyber security in the workplace is everyone’s responsibility,” I’d like to share some thoughts from a recent interaction with a small business leader. Last Friday, my colleague and I met with a startup CEO in Boulder to discuss her cyber risk ...

Is the Cloud any Safer?
Have you moved to the cloud yet? Why not, the security is great up here? With all of the cloud surveys out there it is easy to see how the adoption of cloud computing has risen over the past 10 years. A hybrid cloud seems to be the most commonplace approach for most enterprises, and Amazon, Microsoft, and Google are ...

Cyber Security Awareness Month
American Cyber Security Management is proud to participate in National Cyber Security Awareness Month 2017. Cybersecurity is a shared responsibility that affects all Americans, and everyone plays a part in keeping the Internet safe. Throughout October, we will highlight the issues of cybersecurity and privacy on our website, and on our social media posts. We hope you will join our efforts to ...