FoxPointe Security Hub

Cybersecurity

Subscribe to the blog

Receive articles and resources from the information risk management experts at FoxPointe.

Your organization and its risk management leaders face disturbances on multiple levels every day, encompassing cybersecurity, privacy, regulatory management, and focused and widespread malicious actions and actors, technological weaknesses, organizational apathy, human errors, etc. Preparation, assessment, and pragmatic execution of the needed controls are vital to address these disruptions and...

After a multiyear process of proposals and assessment of public comments, the New York State Department of Financial Services (NYSDFS) has made significant amendments to its Cybersecurity Regulation, 23 NYCRR Part 500. The rule is final and effective as of November 1, 2023. Let’s take a comprehensive look at each...

Updates to the SEC Cybersecurity Disclosure Rules Days before the new Securities and Exchange Commission (SEC) cybersecurity disclosure rules went into effect (which FoxPointe previously discussed here) Erik Gerding, Director of Corporation Finance of the SEC, issued a statement offering some thoughts, rationale and perspective on the rules in an...

This article was written by Brendan Horton, Security Analyst. Cloud security encompasses the policies, technologies, and practices designed to protect cloud-based resources, including data, applications, and infrastructure, from a wide range of cyber threats. Cloud computing has become the technology of choice for organizations wanting scalability and flexibility to meet...

In today’s rapidly evolving digital landscape, the protection of sensitive information and the preservation of digital assets have become paramount, as has a full and accurate understanding of the controls in place. As organizations navigate the intricate realm of cybersecurity, the role of a Chief Information Security Officer (CISO) has...

Today’s organizations face numerous cybersecurity challenges, and one of the most insidious threats is social engineering. Cybersecurity is often associated with technical vulnerabilities and sophisticated defenses; however, social engineering leverages human reactions and psychology to gather information and perform attacks. This article aims to shed light on the key principles...

The FTC Safeguards Rule requires covered companies to develop, implement, and maintain an information security program with over 20 implemented, documented and risk assessed administrative, technical, and physical safeguards designed to protect customer information. Are your clients up on what the revised Rule requires? Are they ready to be compliant...

Building a cyber resilient workforce for is critical to a cyber security program for all companies. According to Verizon’s 2022 Data Breach Investigations Report “This year (2022) 82% of breaches involved the human element. Whether it is the Use of stolen credentials, Phishing, Misuse, or simply an Error, people continue...

Cybersecurity Challenges in an Interconnected World In the ever-changing ecosystems that organizations operate in, business needs can change as rapidly as the weather. It’s abundantly clear that organizations must be agile so they can adapt and react to the business storms on the horizon. Budgetary constraints and increased transaction velocity...

Brandon Agostinelli – September 12, 2022 Managing Medical Devices Cybersecurity Within the healthcare industry, there is a variety of environments that utilize many different types of medical devices to deliver services to patients. As reliance on technology within the healthcare industry continues to grow, an increase in information security risk...