Conversations in Risk-Based Security

Healthcare Industry Case Study: Cybersecurity and Risk Management

Posted by Doug Yarabinetz on Aug 1, 2017 2:42:41 PM

Many companies in the healthcare market struggle with compliance projects and with finding the time, knowledgeable resources, and budget to adhere to government regulations in a timely manner.

Topics: compliance mandates, FISMA Compliance, Risk Management, cybersecurity

Five Ways to Reduce Your Audit Tax

Posted by Doug Yarabinetz on Apr 17, 2017 4:43:05 PM

Taxes are certainly not fun, but there is something worse: an audit. Combine the two in a risk and compliance scenario and you have the onerous “audit tax,” a figurative term used to describe the expenses a company incurs when deploying resources and manpower to satisfy the burgeoning set of internal and external compliance and audit mandates. The good news is that there are ways to reduce the audit tax burden.

Topics: compliance, compliance mandates, Risk Management

WHERE IS MY IT RISK?

Posted by Doug Yarabinetz on Mar 21, 2017 12:22:09 PM

Managing IT risk is part of running any business these days. Regardless of what business you’re in, understanding IT risk can help you increase network security, reduce management costs and achieve greater compliance. Corporate leaders who fail to identify, assess and mitigate IT risk are setting themselves up for serious security breaches and financial losses down the road.

Topics: Risk Management, Security, cybersecurity

Live Webinar "Managed Security - How to Boost Your Security Posture Through Outsourcing Security to Experts"

Posted by Doug Yarabinetz on Mar 7, 2017 7:42:50 PM

Join us for the webinar "Managed Security - How to Boost Your Security Posture Through Outsourcing Security to Experts," featuring research from the 2017 Cybersecurity Trends Spotlight Report published by the Information Security Community on LinkedIn in partnership with Crowd Research.

Topics: cybersecurity, GRC, Risk Management

Vendor Risk Management: An Educational Webinar Series

Posted by Doug Yarabinetz on Jan 5, 2017 4:49:15 PM

Organizations increasingly rely on vendors and third-party relationships for strategic business advantage. Ensuring that these partnerships don’t create an unacceptable risk requires a complete vendor risk management approach. Join Michael Rasmussen, The GRC Pundit at GRC 20/20, as he presents this three-part educational webinar series on managing vendor risk and compliance.

Topics: Risk Management, Security, Vendor Risk Management

Lynx Risk Manager Integrates with Lieberman Software’s Enterprise Random Password Manager

Posted by Doug Yarabinetz on Dec 22, 2016 9:51:15 AM

Lynx Technology Partners and Lieberman Software recently announced an integration module for Lynx Risk Manager (LRM) that imports privileged account information from Lieberman Software’s Enterprise Random Password Manager (ERPM) and immediately updates security control scores in LRM. These scores form the basis for continuous measurement of password-related security risks, as well as compliance with a wide range of regulatory frameworks.

Topics: GRC, Security, Risk Management

Bobby Dominguez, Chief Strategy & Security Officer at Lynx Technology Partners, to Examine IT Risk Programs and the NIST CSF at ISACA’s CSX North America Conference

Posted by Doug Yarabinetz on Oct 13, 2016 1:03:19 PM

Bobby Dominguez will discuss the operationalization of the NIST Cyber Security Framework to create an information technology risk program at ISACA’s CSX 2016 North America conference in Las Vegas, Nevada, USA, 17-19 October 2016. CSX 2016 North America will be focused on practical cybersecurity solutions and guidance, tailored to every level of a security professional’s career.

Topics: NIST Cyber Security Framework, Security, Risk Management, cybersecurity

Lynx Technology Partners and EC Council to Host Pittsburgh Training for Certified Chief Information Security Officer (CCISO)

Posted by Doug Yarabinetz on Sep 20, 2016 5:13:53 PM

Due to the high demand for live training and this course in particular, Lynx Technology Partners and the EC Council are partnering to bring CCISO to Pittsburgh October 24 through October 28, 2016.  The event will be hosted at the Lynx Technology Partners offices at 309 Smithfield Street in downtown Pittsburgh. 

Join the ranks of infosec managers making the leap to executive infosec leadership with Live CCISO Training!

Topics: Certified CISO Training, cybersecurity, GRC, Risk Management, Security

Escape Spreadsheet Hell:  Transitioning Your GRC Efforts

Posted by Don Leatham on Sep 16, 2016 8:34:50 PM

In many organizations, the genesis of their GRC efforts can be traced back to a few isolated projects that were quick responses to external factors (e.g. scrambling to pass the first PCI audit, “What’s this HIPAA thing all about?”, etc.). To get these projects going, people turned to their reliable “universal tool”, the spreadsheet. Suddenly spreadsheets became assessment tools, scoring programs, aggregated databases, report generators, etc. For these projects, spreadsheet-based GRC rose to the occasion and saved the day!

Topics: Security, cybersecurity, GRC, Risk Management

Using the NIST Cyber Security Framework to Build Your IT Risk Program

Posted by Bobby Dominguez on Aug 22, 2016 2:56:42 PM

Creating a robust IT risk management program is critical in every business.  It is what will guide your security program, compliance regime, and even the decisions you make in selecting technology or business services. But before you can run, you have to walk.  Understanding the key elements of the NIST Cyber Security Framework (CSF) and focusing on best practices for applying the CSF will prepare you to implement an IT risk program.

Topics: NIST Cyber Security Framework, Risk Management, cybersecurity