FCI

Cybersecurity Insurance Developments

The cybersecurity insurance market continues to evolve and there are some important developments for your consideration.  In short, although cybersecurity insurance is an important component in your cybersecurity plan (e.g., mitigating costs), it is critical…

Zero Trust 4/4: Networks

A Zero Trust approach considers users, endpoints, software, and networks as potential threats until proven otherwise. This post covers networks. Implementation of security policies is supported by a commercial-grade firewall, which prevents unauthorized entry as…

FCI article about OCSF in T3 / Technology Tools for Today

T3 published a new article about Coalition Of Cybersecurity Leaders Launch Open Cybersecurity Schema Framework (OCSF) written by FCI.   Link to the article: https://t3technologyhub.com/coalition-of-cybersecurity-leaders-launch-open-cybersecurity-schema-framework-ocsf/  

Zero Trust 3/4: Software

A Zero Trust approach considers users, endpoints, software, and networks as potential threats until proven otherwise. This post covers software.   Zero Trust software is achieved by hardening configurations and implementing security gateways between users…

Zero Trust 2/4: Endpoints

A Zero Trust approach considers users, endpoints, software, and networks as potential threats until proven otherwise. This post covers endpoints.   Any device used to access, store or control private data requires enforcement of cybersecurity…

Zero Trust 1/4: Users

A Zero Trust approach considers users, endpoints, software, and networks as potential threats until proven otherwise. This post covers users.   Do you know who your users are? Can you evidence it? Identity Management is…

SEC Proposes New Cybersecurity Rules

As you may remember, earlier this year the Securities and Exchange Commission (SEC) voted to propose cybersecurity rules and amendments related to disclosures, risk management and security incidents for registered investment advisers and registered investment…

Forbes cites Brian Edelman, FCI CEO & Cybersecurity Expert

Link to: “15 Ways to Leverage And Supplement AI In Your Cybersecurity Efforts”   With more companies moving to permanent remote or hybrid work models, more endpoints are accessing systems of private data without proper…

Managed Is Most Secure

For endpoint protection, you could provide instructions to your users or your IT team to manually configure settings (complex password, screen saver, personal firewall, etc.) and install tools (antivirus, full-disk encryption, multifactor authentication, etc.). With…

NYDFS Announces Statement of Charges Hearing against First American Financial

Subsequent to the first ever cybersecurity enforcement action filed by The New York State Department of Financial Services (NYDFS) on July 22, 2020, a Statement of Charges Hearing will be held on January 21, 2022, to determine whether First American Title Insurance Company has committed violations of §§ 500.02, 500.03, 500.04, 500.07, 500.09, 500.10, 500.14, 500.15…

NYDFS Issued Industry Guidance on Multi-Factor Authentication

On December 7, 2021, the New York Department of Financial Services (NYDFS) issued Industry Guidance for all regulated entities on Multi-Factor Authentication (MFA) as an essential technical control required by the Cybersecurity Requirements for Financial…

Hardening Systems of Private Data

We all focus on Endpoint and Network Security but too often overlook software and how security settings should be hardened. For example, when you start to use a software, it is usually configured generically by…

Ransomware Protection

Ransomware incidents are up 300% in the past year and remain a top cyber threat as attacks continue to surge against the financial sector. Implementing cybersecurity technical controls is the best defense against ransomware attack.…