Security

WATCH: Always On Virtual Series Spotlight: Securing an Insecure World

Not a day goes by without a phishing incident, a ransomware attack taking down a major corporate network, or a data breach compromising millions of customer records. And these are only the ones that are detected and reported by the media. We live in an “Assumption of Breach” world and as attack surfaces exponentially increase […]

05.08.2019

Rear view of two partially unrecognizable men sitting in front of a computer. One of them is pointing at a screen where are several lines of computer code.

Security

Assumption of Breach, Part I: A New Approach to Cyber Security

Several large enterprises have been victimized by catastrophic cyber security incidents over the past few years. They’re so severe, they even caused executives to resign and profits to disappear. In the wake of these high-profile incidents, the media’s message has been clear: if organizations with nearly unlimited resources can be compromised, data breaches are inevitable […]

12.12.2017

Mid section view of a businessman hand touching secure server words represent the concept of secure data storage. Protect your knowledge and business data.

Security

Ransomware and Things That Go Bump in the Night

In the treacherous world of cyber security—or cyber insecurity—things that go bump in the night are the things that can bring an organization to its knees. Unexpected new breach threats, employee errors, and poor data policies can destroy even the most iron-clad cyber security strategy. Here, we break down three things that keep security professionals […]

03.14.2017

Cybersecurity

Security

Why Reading This Will Not Raise Your Security Game

I absolutely love the fact that information assurance and security is such a hot topic. It makes me ecstatic to know that an area so critical to organizations in nearly every sector is becoming a more top-of-mind conversation. People are consuming content, going to conferences and getting inspired to take action. But the truth is, […]

02.07.2017

Data Protection

Security

Assumption of Breach Part IV – Technology

We have reached the end of the line! After discussing the importance of a robust defined security policy in my last blog entry, in this post I’ll be tackling the fourth and final foundational element in an effective security program—technology. Security technology can be broken down a number of different ways, but at Carousel, we […]

02.04.2017

State House in Providence, Rhode Island

Security

Cyber Security Q&A with Rhode Island Congressman Jim Langevin

Last year, I had the honor to accompany longtime friend and Rhode Island Congressman Jim Langevin to the State of the Union Address as his guest. Congressman Langevin was gracious enough to extend the invite due in large part to our shared passion for cyber security and workforce development. As co-chair of the Congressional Cybersecurity […]

02.02.2017

Risk Management

Security

How to Be a Risk-Ready CISO

Today’s information security leaders are quickly maturing into strategic business thinkers, growing beyond the traditional technical purpose of initiatives like implementing the latest firewalls or malware detection tools. The days of the CISO who is exclusively a highly-qualified network engineer have come to an end. Instead, the effective modern-day CISO has that strong technology foundation, […]

01.31.2017

Business People Planning Strategy Analysis Office Concept

Security

Assumption of Breach Part III—Policy and Process

In my last blog entry, I discussed the first of three foundational elements for a security program: all of the people who interact with your organization’s systems and data. In this post we’ll tackle the next element of cyber security—policy and process. For the purposes of this post, I am going to use these two […]

01.30.2017

Security concept with businessman and hacker hands on laptop keyboard.

Security

Assumption of Breach, Part II—The People Element

In the first installment of this series I discussed the need for organizations to change their approach to cyber security to an “assumption of breach model,” or an understanding that in today’s threat landscape, it is unrealistic to thwart 100 percent of malicious attacks. That previous post also mentioned that this new approach should focus […]

01.16.2017