Reassessing Security Priorities: The Mid-Year Shuffle

Early this year, we posted an overview of threats and technologies to look out for in 2020. But no one could have predicted what was to come in the months that followed, and now, organizations worldwide are re-evaluating their priorities—starting with cybersecurity. This Tuesday, Hitachi ID published “Top IT Budget Priorities Through 2020,” based on […]

Bolstering Security For Small To Midsize Businesses

Public health isn’t the only thing at risk amid the COVID-19 pandemic. For cybercriminals capitalizing on the chaos, small to midsize businesses, or SMBs, are the perfect gambit: smaller firms are less likely to believe themselves an “attractive” target for cyberattacks, which leads them to slack on cybersecurity protections. It’s easy to be lulled into […]

Repeat Offenders: Lessons From The Energy Sector

Lightning may not strike the same place twice, but cyber attackers tend to go with what they know works—which makes it all the more dangerous when organizations leave proven vulnerabilities untouched. In the case of the U.S. Department of Energy, cybersecurity practices remain troublingly stagnant. The agency may have the resources to patch holes in […]

Protecting Your Intellectual Property – Tips from Real World Audits

Introduction: In the course of any given year, BAI Security performs hundreds of IT Security Audits for truly security-conscious organizations in highly regulated industries. Our specialization includes in-depth IT Security Audit and Forensic services primarily to the Banking and Finance, Pharmaceutical, Healthcare, and Insurance sectors. In an effort to bring awareness to growing trends related […]

New Guidance Released by NIST Redefines Assurance & Trustworthiness for Financial Institutions

On April 30th, 2013, the National Institute of Standards and Technology (NIST) issued its latest version of essential guidance: Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations. Led by Ron Ross, a NIST fellow and the project leader, a team of computer scientists spent the past two years […]

Many Banks And Credit Unions Fail The Vulnerability Testing Component Of Their IT Security Audit Due To Weak Patch Management

Do you have a patch management plan? If so, how effective is it? Many companies either lack a comprehensive plan or the necessary tools to properly automate the processing of updates. In fact, the underlying reason many banks and credit unions fail the vulnerability testing component of their IT security audit is this lack of […]