Define Maturity Then Your Metrics

Security metrics are somewhat of an enigma.  Executives want something tangible to speak to and analyze yet they are not easy to define or measure.  Most likely you will hear examples such as ‘number of laptops stolen’ or ‘number of servers with known vulnerabilities’, but what do those num...

Trump, Oliver, and Objection

Let me begin by saying that the following text is intentionally ridiculous. I want to illustrate a point recently made about the upcoming E-Privacy Regulation, specifically related to direct marketing. Imagine one day, President Trump is in France for a summit to discuss some topic of relevance t...

Delivering Security and Privacy Designed for Today’s Threats

by Keri LeBlanc, Marketing Director, CyberDenfenses, Inc. Founded in 2001 by military cybersecurity veterans, CyberDefenses works closely with enterprise clients to provide battle-tested managed security services. If there is anything we’ve learned over the years, it’s that effectively protecting...

Do I need cyber insurance?

If you are going to store, access, process and/or transmit any critical or sensitive information on behalf of your organization or a third party then cyber insurance may be recommended.

GDPR, the right to erasure, and backups

As we work with clients to prepare them for GDPR we deeply dive into data subjects’ rights. When we cover the right to erasure, the same question comes up, “what about backups?”

PSR 2017 in Review

After a long trip from the northeast to San Diego, I finally made it to another exciting Privacy, Security, and Risk Conference from the IAPP. With GDPR on the horizon, the air was thick with discussion of this regulation in effect in May of next year. Even more so, a lot of questions received at...

The key to effective privacy training

I spend a lot of time facilitating privacy training. Whether it is directly for our clients or on behalf of the IAPP or their training partners, there are common elements to a successful educational event.

Privacy Ref and CyberDefenses Bring Privacy and Security Together

There is a saying that you can have security without privacy, but you cannot have privacy without security. While privacy and security are both concerned with the protection of information held by an organization, security provides the means to meet the business requirements identified to meet pr...

Can Consent Fall Short in GDPR?

Over the past several months, I have been taking a deeper dive into GDPR. I have found Article 6 on the legal basis for processing data particularly interesting. There is some discussion to be had for each company and how they will process data in a particular case, but I often hear that consent ...