<img src="https://secure.leadforensics.com/71120.png" style="display:none;">

Kalki Blog


Building cyber security leadership structure in your business

Posted by Stacy Willis on Oct 28, 2015 7:00:00 AM

Why is security important and why involve the C-suite? Cyber security is becoming an increasingly hot topic to businesses in all industries. We've seen the SEC getting involved with Investment Advisors and Broker Dealers to force improved cyber security controls. The FBI has warned multiple times about cyber security issues and encouraged even small businesses to take action ASAP. So where should businesses start? It starts from the top! Get your executive reporting and responsibilities for cyber security defined properly.

Read More

Topics: Human Resources, Staffing

Preventing Insider Misuse through Joiners Movers Leavers Processes

Posted by StacyNease4Fbhds on Jul 16, 2015 10:26:47 AM

Is your IT department having trouble keeping track of the access rights each user has? It’s a huge job, which makes it incredibly easy for things to get missed along the way. Flawed processes for adding, changing or removing user access rights are responsible for a lot of stories we’ve heard about insider misuse. Take the example of Goldman Sachs where a programmer stole company IP, or a case we blogged about a few months ago where a former employee released sensitive company data after being let go.

Read More

Topics: Human Resources

In the News: IT Manager commits cyber attack against former Employer

Posted by StacyNease4Fbhds on May 4, 2015 9:28:33 AM

Insider attacks are among the most common type of attack that businesses face, but they certainly are the most costly. Malicious insider attacks cost an average of $182,025 in 2014, according to Ponemon institute.

Read More

Topics: Human Resources, Cyber security

CAN-SPAM: Standards for the Sending of Commercial Emails

Posted by Kyle.Balicki on Mar 5, 2015 12:42:04 PM

Does your business use email? The CAN-SPAM Act is a law that sets the rules for commercial email, gives the recipients the right to have you stop emailing them, establishes requirements for commercial messages, and issues tough penalties for violations.

Read More

Topics: Security Credentials, Human Resources, Policies and Procedures

Too Many Data Protection Vendors Is A Loss

Posted by Kyle.Balicki on Jan 14, 2015 9:11:37 AM

It can be said that if one data backup, replication, archival and recovery provider is good, more must certainly be even better, right? It could be a smart choice to have a backup for a backup, just in case the first one experiences an issue or ends up shutting down entirely. This however, is not at all true based on several findings and key information. When it comes to data protection vendors, one is great because they have sole possession and they have a key understanding of what is going on and one solid system and process is being used. Having two is still okay, but having three or more is more than likely worse than having nothing at all.

Read More

Topics: Human Resources, Security technology, Cyber security, Policies and Procedures

NIST unveils framework to strengthen cybersecurity

Posted by Vikas.Bhatia on Feb 13, 2014 6:22:15 PM

President Barack Obama issued Executive Order 13636 that calls for the strengthening of "Critical Infrastructure Cybersecurity" nearly a full year ago on Feb. 19, 2013. Yesterday, the National Institute of Standards and Technology announcingthe release of version 1 of a Cybersecurity Framework.

Read More

Topics: Security Credentials, Breach, Risk assessment, anti-malware, small business, Human Resources, Security technology, identity theft, Cyber security, Policies and Procedures

Human Resources and Information Security

Posted by Stephen.Lawton on Oct 15, 2013 1:10:58 PM

Every company faces this dilemma at some point: an employee must be discharged from their job where they had access to confidential corporate data. The reasons are as varied as the people themselves. Perhaps the discharge is due to corporate downsizing. Maybe the company is changing its focus and the employee’s job has become obsolete. The worst scenario occurs when the company finds an employee doing something nefarious, such as stealing information or accessing confidential data to which they have no business responsibility, such as looking up the personal contact information for a client that the employee wants to date.

Read More

Topics: BYOD, Security Credentials, Risk assessment, small business, Human Resources, Psychology, Cyber security, Policies and Procedures