KRACK Security Flaw: What We Need to Know

by Sarah Harvey / December 19, 2022

Last month, researchers discovered a new weakness found in the WPA2 protocol (Wi-Fi Protected Access 2), the security method which protects all modern Wi-Fi networks, known as the KRACK security flaw. Although there is no evidence at this time that the KRACK vulnerability was maliciously exploited, this still raises many concerns for both personal and enterprise wireless devices. What is the KRACK Security Flaw? The KRACK security flaw, which stands…

Why You Need to Document Your Policies and Procedures

by Sarah Harvey / February 7, 2023

Critical Documentation You hear us repeat it over and over again: if it’s not written down, it’s not happening. Documentation is a critical component of any organization. Policies and procedures are vital to your business operability, business continuity, consistency within your organization, training new employees, controlling risk, meeting regulatory compliance requirements, meeting client requirements, and so much more. Policies and procedures demonstrate how you conduct your business. What is a…

Why an Information Security Program Is Important

by Sarah Harvey / June 15, 2023

Regardless of the size of your business or the industry you’re in, an information security program is a critical component of any organization. A good information security program consists of a comprehensive set of information security policies and procedures, which is the cornerstone to any security initiative in your organization. Whether you’re responsible for protected health information (PHI), personally identifiable information (PII), or any other proprietary information, having a fully…

4 Ways to Ensure Security and Maintain Compliance

by Sarah Harvey / June 13, 2023

We find that most organizations tend to focus on becoming compliant rather than being secure. And while meeting client requirements and industry regulations is very important, it does not necessarily guarantee that your organization is secure. If your entire information security program is based on “What must we do to be compliant?”, you’re probably missing some major holes in your security infrastructure. So, what is the key to finding the…

What is Threat and Vulnerability, and How Does it Relate to Risk?

by Sarah Harvey / February 7, 2023

Vulnerability x Threat = Risk In order to understand risk, we must first understand the definition of threat and vulnerability. A business risk results from significant conditions, events, circumstances, actions, or inactions that could adversely affect your company’s ability to achieve its objectives and execute strategies. Risk is a condition that results when vulnerabilities and threats act upon critical assets. In information security, we like to use the formula “Vulnerability…